org.xml.sax.EntityResolver Java Examples
The following examples show how to use
org.xml.sax.EntityResolver.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: DOMForestParser.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
|
public void parse(InputSource source, ContentHandler handler, ErrorHandler errorHandler, EntityResolver entityResolver)
throws SAXException, IOException {
String systemId = source.getSystemId();
Document dom = forest.get(systemId);
if (dom == null) {
// if no DOM tree is built for it,
// let the fall back parser parse the original document.
//
// for example, XSOM parses datatypes.xsd (XML Schema part 2)
// but this will never be built into the forest.
fallbackParser.parse(source, handler, errorHandler, entityResolver);
return;
}
scanner.scan(dom, handler);
}
Example #2
| Source File: XSLTTransformer.java From micro-integrator with Apache License 2.0 | 6 votes |
|
/**
* This method provides a secured document builder which will secure XXE attacks.
*
* @param setIgnoreComments whether to set setIgnoringComments in DocumentBuilderFactory.
* @return DocumentBuilder
* @throws ParserConfigurationException
*/
private static DocumentBuilder getSecuredDocumentBuilder(boolean setIgnoreComments) throws
ParserConfigurationException {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setIgnoringComments(setIgnoreComments);
documentBuilderFactory.setNamespaceAware(true);
documentBuilderFactory.setXIncludeAware(false);
documentBuilderFactory.setExpandEntityReferences(false);
documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
SecurityManager securityManager = new SecurityManager();
securityManager.setEntityExpansionLimit(0);
documentBuilderFactory.setAttribute(Constants.XERCES_PROPERTY_PREFIX +
Constants.SECURITY_MANAGER_PROPERTY, securityManager);
documentBuilder.setEntityResolver(new EntityResolver() {
@Override
public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException {
throw new SAXException("Possible XML External Entity (XXE) attack. Skip resolving entity");
}
});
return documentBuilder;
}
Example #3
| Source File: XMLPropertyListParser.java From Alite with GNU General Public License v3.0 | 6 votes |
|
/**
* Gets a DocumentBuilder to parse a XML property list.
* As DocumentBuilders are not thread-safe a new DocBuilder is generated for each request.
*
* @return A new DocBuilder that can parse property lists w/o an internet connection.
* @throws javax.xml.parsers.ParserConfigurationException If a document builder for parsing a XML property list
* could not be created. This should not occur.
*/
private static synchronized DocumentBuilder getDocBuilder() throws ParserConfigurationException {
if (docBuilderFactory == null)
initDocBuilderFactory();
DocumentBuilder docBuilder = docBuilderFactory.newDocumentBuilder();
docBuilder.setEntityResolver(new EntityResolver() {
public InputSource resolveEntity(String publicId, String systemId) {
if ("-//Apple Computer//DTD PLIST 1.0//EN".equals(publicId) || // older publicId
"-//Apple//DTD PLIST 1.0//EN".equals(publicId)) { // newer publicId
// return a dummy, zero length DTD so we don't have to fetch
// it from the network.
return new InputSource(new ByteArrayInputStream(new byte[0]));
}
return null;
}
});
return docBuilder;
}
Example #4
| Source File: MakeNBM.java From netbeans with Apache License 2.0 | 6 votes |
|
static void validateAgainstAUDTDs(InputSource input, final Path updaterJar, final Task task) throws IOException, SAXException {
XMLUtil.parse(input, true, false, XMLUtil.rethrowHandler(), new EntityResolver() {
ClassLoader loader = new AntClassLoader(task.getProject(), updaterJar);
public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException {
String remote = "http://www.netbeans.org/dtds/";
if (systemId.startsWith(remote)) {
String rsrc = "org/netbeans/updater/resources/" + systemId.substring(remote.length());
URL u = loader.getResource(rsrc);
if (u != null) {
return new InputSource(u.toString());
} else {
task.log(rsrc + " not found in " + updaterJar, Project.MSG_WARN);
}
}
return null;
}
});
}
Example #5
| Source File: DOMParser.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
/**
* Return the current entity resolver.
*
* @return The current entity resolver, or null if none
* has been registered.
* @see #setEntityResolver
*/
public EntityResolver getEntityResolver() {
EntityResolver entityResolver = null;
try {
XMLEntityResolver xmlEntityResolver =
(XMLEntityResolver)fConfiguration.getProperty(ENTITY_RESOLVER);
if (xmlEntityResolver != null) {
if (xmlEntityResolver instanceof EntityResolverWrapper) {
entityResolver =
((EntityResolverWrapper) xmlEntityResolver).getEntityResolver();
}
else if (xmlEntityResolver instanceof EntityResolver2Wrapper) {
entityResolver =
((EntityResolver2Wrapper) xmlEntityResolver).getEntityResolver();
}
}
}
catch (XMLConfigurationException e) {
// do nothing
}
return entityResolver;
}
Example #6
| Source File: DOMForestParser.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
|
public void parse(InputSource source, ContentHandler handler, ErrorHandler errorHandler, EntityResolver entityResolver)
throws SAXException, IOException {
String systemId = source.getSystemId();
Document dom = forest.get(systemId);
if (dom == null) {
// if no DOM tree is built for it,
// let the fall back parser parse the original document.
//
// for example, XSOM parses datatypes.xsd (XML Schema part 2)
// but this will never be built into the forest.
fallbackParser.parse(source, handler, errorHandler, entityResolver);
return;
}
scanner.scan(dom, handler);
}
Example #7
| Source File: SchemaConstraintChecker.java From hottub with GNU General Public License v2.0 | 5 votes |
|
/**
* convert an array of {@link InputSource InputSource} into an
* array of {@link Source Source}
*
* @param schemas array of {@link InputSource InputSource}
* @return array of {@link Source Source}
*/
private static Source[] getSchemaSource(InputSource[] schemas, EntityResolver entityResolver) throws SAXException {
SAXSource[] sources = new SAXSource[schemas.length];
for (int i = 0; i < schemas.length; i++) {
sources[i] = new SAXSource(schemas[i]);
// sources[i].getXMLReader().setEntityResolver(entityResolver);
}
return sources;
}
Example #8
| Source File: SchemaConstraintChecker.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
|
/**
* convert an array of {@link InputSource InputSource} into an
* array of {@link Source Source}
*
* @param schemas array of {@link InputSource InputSource}
* @return array of {@link Source Source}
*/
private static Source[] getSchemaSource(InputSource[] schemas, EntityResolver entityResolver) throws SAXException {
SAXSource[] sources = new SAXSource[schemas.length];
for (int i = 0; i < schemas.length; i++) {
sources[i] = new SAXSource(schemas[i]);
// sources[i].getXMLReader().setEntityResolver(entityResolver);
}
return sources;
}
Example #9
| Source File: MicroSAXHandler.java From ph-commons with Apache License 2.0 | 5 votes |
|
public MicroSAXHandler (final boolean bSaveIgnorableWhitespaces,
@Nullable final EntityResolver aEntityResolver,
final boolean bTrackPosition)
{
m_bSaveIgnorableWhitespaces = bSaveIgnorableWhitespaces;
m_aEntityResolver = aEntityResolver;
m_aEntityResolver2 = aEntityResolver instanceof EntityResolver2 ? (EntityResolver2) aEntityResolver : null;
m_bTrackPosition = bTrackPosition;
}
Example #10
| Source File: DefaultDocumentLoader.java From java-technology-stack with MIT License | 5 votes |
|
/**
* Load the {@link Document} at the supplied {@link InputSource} using the standard JAXP-configured
* XML parser.
*/
@Override
public Document loadDocument(InputSource inputSource, EntityResolver entityResolver,
ErrorHandler errorHandler, int validationMode, boolean namespaceAware) throws Exception {
DocumentBuilderFactory factory = createDocumentBuilderFactory(validationMode, namespaceAware);
if (logger.isTraceEnabled()) {
logger.trace("Using JAXP provider [" + factory.getClass().getName() + "]");
}
DocumentBuilder builder = createDocumentBuilder(factory, entityResolver, errorHandler);
return builder.parse(inputSource);
}
Example #11
| Source File: WSEndpoint.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
|
public static <T> WSEndpoint<T> create(
@NotNull Class<T> implType,
boolean processHandlerAnnotation,
@Nullable Invoker invoker,
@Nullable QName serviceName,
@Nullable QName portName,
@Nullable Container container,
@Nullable WSBinding binding,
@Nullable SDDocumentSource primaryWsdl,
@Nullable Collection<? extends SDDocumentSource> metadata,
@Nullable EntityResolver resolver,
boolean isTransportSynchronous,
boolean isStandard)
{
final WSEndpoint<T> endpoint =
EndpointFactory.createEndpoint(
implType,processHandlerAnnotation, invoker,serviceName,portName,container,binding,primaryWsdl,metadata,resolver,isTransportSynchronous,isStandard);
final Iterator<ManagedEndpointFactory> managementFactories = ServiceFinder.find(ManagedEndpointFactory.class).iterator();
if (managementFactories.hasNext()) {
final ManagedEndpointFactory managementFactory = managementFactories.next();
final EndpointCreationAttributes attributes = new EndpointCreationAttributes(
processHandlerAnnotation, invoker, resolver, isTransportSynchronous);
WSEndpoint<T> managedEndpoint = managementFactory.createEndpoint(endpoint, attributes);
if (endpoint.getAssemblerContext().getTerminalTube() instanceof EndpointAwareTube) {
((EndpointAwareTube)endpoint.getAssemblerContext().getTerminalTube()).setEndpoint(managedEndpoint);
}
return managedEndpoint;
}
return endpoint;
}
Example #12
| Source File: WSEndpoint.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
/**
* Deprecated version that assumes {@code isTransportSynchronous==false}
*/
@Deprecated
public static <T> WSEndpoint<T> create(
@NotNull Class<T> implType,
boolean processHandlerAnnotation,
@Nullable Invoker invoker,
@Nullable QName serviceName,
@Nullable QName portName,
@Nullable Container container,
@Nullable WSBinding binding,
@Nullable SDDocumentSource primaryWsdl,
@Nullable Collection<? extends SDDocumentSource> metadata,
@Nullable EntityResolver resolver) {
return create(implType,processHandlerAnnotation,invoker,serviceName,portName,container,binding,primaryWsdl,metadata,resolver,false);
}
Example #13
| Source File: SchemaConstraintChecker.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
|
/**
* convert an array of {@link InputSource InputSource} into an
* array of {@link Source Source}
*
* @param schemas array of {@link InputSource InputSource}
* @return array of {@link Source Source}
*/
private static Source[] getSchemaSource(InputSource[] schemas, EntityResolver entityResolver) throws SAXException {
SAXSource[] sources = new SAXSource[schemas.length];
for (int i = 0; i < schemas.length; i++) {
sources[i] = new SAXSource(schemas[i]);
// sources[i].getXMLReader().setEntityResolver(entityResolver);
}
return sources;
}
Example #14
| Source File: AbstractSAXParser.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
|
/**
* Sets the resolver used to resolve external entities. The EntityResolver
* interface supports resolution of public and system identifiers.
*
* @param resolver The new entity resolver. Passing a null value will
* uninstall the currently installed resolver.
*/
public void setEntityResolver(EntityResolver resolver) {
try {
XMLEntityResolver xer = (XMLEntityResolver) fConfiguration.getProperty(ENTITY_RESOLVER);
if (fUseEntityResolver2 && resolver instanceof EntityResolver2) {
if (xer instanceof EntityResolver2Wrapper) {
EntityResolver2Wrapper er2w = (EntityResolver2Wrapper) xer;
er2w.setEntityResolver((EntityResolver2) resolver);
}
else {
fConfiguration.setProperty(ENTITY_RESOLVER,
new EntityResolver2Wrapper((EntityResolver2) resolver));
}
}
else {
if (xer instanceof EntityResolverWrapper) {
EntityResolverWrapper erw = (EntityResolverWrapper) xer;
erw.setEntityResolver(resolver);
}
else {
fConfiguration.setProperty(ENTITY_RESOLVER,
new EntityResolverWrapper(resolver));
}
}
}
catch (XMLConfigurationException e) {
// do nothing
}
}
Example #15
| Source File: ModelLoader.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
|
public XSOMParser createXSOMParser(final DOMForest forest) {
XSOMParser p = createXSOMParser(forest.createParser());
p.setEntityResolver(new EntityResolver() {
public InputSource resolveEntity(String publicId, String systemId) throws SAXException, IOException {
// DOMForest only parses documents that are reachable through systemIds,
// and it won't pick up references like <xs:import namespace="..." /> without
// @schemaLocation. So we still need to use an entity resolver here to resolve
// these references, yet we don't want to just run them blindly, since if we do that
// DOMForestParser always get the translated system ID when catalog is used
// (where DOMForest records trees with their original system IDs.)
if(systemId!=null && forest.get(systemId)!=null)
return new InputSource(systemId);
if(opt.entityResolver!=null)
return opt.entityResolver.resolveEntity(publicId,systemId);
return null;
}
});
return p;
}
Example #16
| Source File: ExternalEntity.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
public InputSource getInputSource(EntityResolver r)
throws IOException, SAXException {
InputSource retval;
retval = r.resolveEntity(publicId, systemId);
// SAX sez if null is returned, use the URI directly
if (retval == null)
retval = Resolver.createInputSource(new URL(systemId), false);
return retval;
}
Example #17
| Source File: EndpointFactory.java From hottub with GNU General Public License v2.0 | 5 votes |
|
public static <T> WSEndpoint<T> createEndpoint(
Class<T> implType, boolean processHandlerAnnotation, @Nullable Invoker invoker,
@Nullable QName serviceName, @Nullable QName portName,
@Nullable Container container, @Nullable WSBinding binding,
@Nullable SDDocumentSource primaryWsdl,
@Nullable Collection<? extends SDDocumentSource> metadata,
EntityResolver resolver, boolean isTransportSynchronous, boolean isStandard) {
EndpointFactory factory = container != null ? container.getSPI(EndpointFactory.class) : null;
if (factory == null)
factory = EndpointFactory.getInstance();
return factory.create(
implType,processHandlerAnnotation, invoker,serviceName,portName,container,binding,primaryWsdl,metadata,resolver,isTransportSynchronous,isStandard);
}
Example #18
| Source File: ExternalEntity.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public InputSource getInputSource(EntityResolver r)
throws IOException, SAXException {
InputSource retval;
retval = r.resolveEntity(publicId, systemId);
// SAX sez if null is returned, use the URI directly
if (retval == null)
retval = Resolver.createInputSource(new URL(systemId), false);
return retval;
}
Example #19
| Source File: XmlCatalogUtil.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
/**
* Gets an EntityResolver using XML catalog
*
* @param catalogUrl
* @return
*/
public static EntityResolver createEntityResolver(@Nullable URL catalogUrl) {
ArrayList<URL> urlsArray = new ArrayList<>();
EntityResolver er;
if (catalogUrl != null) {
urlsArray.add(catalogUrl);
}
try {
er = createCatalogResolver(urlsArray);
} catch (Exception e) {
throw new ServerRtException("server.rt.err", e);
}
return er;
}
Example #20
| Source File: DeploymentDescriptorParser.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
|
/**
* Creates an {@link EntityResolver} that consults {@code /WEB-INF/jax-ws-catalog.xml}.
*/
private EntityResolver createEntityResolver() {
try {
return XmlUtil.createEntityResolver(loader.getCatalogFile());
} catch (MalformedURLException e) {
throw new WebServiceException(e);
}
}
Example #21
| Source File: UtilXml.java From scipio-erp with Apache License 2.0 | 4 votes |
|
public LocalResolver(EntityResolver defaultResolver) {
this.defaultResolver = defaultResolver;
}
Example #22
| Source File: Parser.java From memoir with Apache License 2.0 | 4 votes |
|
@Override
public void setEntityResolver(EntityResolver resolver) {
theEntityResolver = (resolver == null) ? this : resolver;
}
Example #23
| Source File: XMLUnit.java From xmlunit with Apache License 2.0 | 4 votes |
|
/**
* Obtains the EntityResolver to be added to all new control parsers.
*/
public static EntityResolver getControlEntityResolver() {
return controlEntityResolver;
}
Example #24
| Source File: StAXStream2SAX.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
|
/**
* This class is only used internally so this method should never
* be called.
*/
public void setEntityResolver(EntityResolver resolver) throws
NullPointerException
{
}
Example #25
| Source File: EndpointFactory.java From openjdk-jdk8u with GNU General Public License v2.0 | 4 votes |
|
public EntityResolverImpl(List<? extends SDDocumentSource> metadata, EntityResolver resolver) {
for (SDDocumentSource doc : metadata) {
this.metadata.put(doc.getSystemId().toExternalForm(),doc);
}
this.resolver = resolver;
}
Example #26
| Source File: SystemIdResolver.java From lucene-solr with Apache License 2.0 | 4 votes |
|
public EntityResolver asEntityResolver() {
return this;
}
Example #27
| Source File: ForkEntityResolver.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
|
public ForkEntityResolver(EntityResolver lhs, EntityResolver rhs) {
this.lhs = lhs;
this.rhs = rhs;
}
Example #28
| Source File: StAXStream2SAX.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
|
/**
* This class is only used internally so this method should never
* be called.
*/
public void setEntityResolver(EntityResolver resolver) throws
NullPointerException
{
}
Example #29
| Source File: MarshallingSource.java From spring4-understanding with Apache License 2.0 | 4 votes |
|
@Override
public void setEntityResolver(EntityResolver entityResolver) {
this.entityResolver = entityResolver;
}
Example #30
| Source File: WsimportTool.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
public void setEntityResolver(EntityResolver resolver){
this.options.entityResolver = resolver;
}
