Am I correct in assuming that -componentfile accepts only local file arguments? If so, would it be possible to add to scapval the capability of allowing remote (online) component file validation? I think this would be a great addition to scapval. I could see this feature being useful for SCAP 2.0 implementation, where a tool might want to create a source data stream collection on the fly using online OVAL or XCCDF content, but wants to test the online content for validity before assembling the source data stream collection.
Reported by Joshua Lubell:
When I provide a non-local URL for -componentfile, I get an error message. For example: ERROR Unable to read the specified content to validate: https://raw.githubusercontent.com/usnistgov/sctools/master/dita/examples/nist-example/checklist-content/xccdf.xml
i.e.: java -jar scapval-1.3.2.jar -componentfile https://github.com/usnistgov/sctools/blob/master/dita/examples/nist-example/checklist-content/oval.xml -online
Am I correct in assuming that -componentfile accepts only local file arguments? If so, would it be possible to add to scapval the capability of allowing remote (online) component file validation? I think this would be a great addition to scapval. I could see this feature being useful for SCAP 2.0 implementation, where a tool might want to create a source data stream collection on the fly using online OVAL or XCCDF content, but wants to test the online content for validity before assembling the source data stream collection.