Java Code Examples for javax.xml.parsers.SAXParserFactory#setXIncludeAware()
The following examples show how to use
javax.xml.parsers.SAXParserFactory#setXIncludeAware() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: UnittypeXML.java From freeacs with MIT License | 6 votes |
|
@SuppressWarnings("rawtypes")
public void load(String file_input) throws Exception {
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setXIncludeAware(true);
factory.setNamespaceAware(false);
factory.setValidating(false);
SAXParser parser = factory.newSAXParser();
SAXReader reader = new SAXReader(parser.getXMLReader());
Document document = reader.read(file_input);
info = new Info();
info.load(document.selectSingleNode("//unittype/info"));
Enums enums = new Enums();
enums.load(document.selectSingleNode("//unittype/parameters/enums"));
parameters = new Parameters();
List parameters_nodes = document.selectNodes("//unittype/parameters");
for (Object parameters_node : parameters_nodes) {
Node parameter_node = (Node) parameters_node;
parameters.load(parameter_node, enums);
}
}
Example 2
| Source File: AuctionItemRepository.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
/**
* Test xi:include with a SAXParserFactory.
*
* @throws Exception If any errors occur.
*/
@Test(groups = {"readWriteLocalFiles"})
public void testXIncludeSAXPos() throws Exception {
String resultFile = USER_DIR + "doc_xinclude.out";
String goldFile = GOLDEN_DIR + "doc_xincludeGold.xml";
String xmlFile = XML_DIR + "doc_xinclude.xml";
try(FileOutputStream fos = new FileOutputStream(resultFile)) {
XInclHandler xh = new XInclHandler(fos, null);
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setNamespaceAware(true);
spf.setXIncludeAware(true);
spf.setFeature(FEATURE_NAME, true);
spf.newSAXParser().parse(new File(xmlFile), xh);
}
assertTrue(compareDocumentWithGold(goldFile, resultFile));
}
Example 3
| Source File: AuctionItemRepository.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
|
/**
* Test the XPointer framework with a SAX object.
*
* @throws Exception If any errors occur.
*/
@Test(groups = {"readWriteLocalFiles"})
public void testXPointerPos() throws Exception {
String resultFile = USER_DIR + "doc_xpointer.out";
String goldFile = GOLDEN_DIR + "doc_xpointerGold.xml";
String xmlFile = XML_DIR + "doc_xpointer.xml";
try (FileOutputStream fos = new FileOutputStream(resultFile)) {
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setNamespaceAware(true);
spf.setXIncludeAware(true);
spf.setFeature(FEATURE_NAME, true);
// parse the file
spf.newSAXParser().parse(new File(xmlFile), new XInclHandler(fos, null));
}
assertTrue(compareDocumentWithGold(goldFile, resultFile));
}
Example 4
| Source File: XtbMessageBundle.java From astor with GNU General Public License v2.0 | 6 votes |
|
private SAXParser createSAXParser()
throws ParserConfigurationException, SAXException {
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setValidating(false);
factory.setXIncludeAware(false);
factory.setFeature(
"http://xml.org/sax/features/external-general-entities", false);
factory.setFeature(
"http://xml.org/sax/features/external-parameter-entities",false);
factory.setFeature(
"http://apache.org/xml/features/nonvalidating/load-external-dtd",
false);
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
SAXParser parser = factory.newSAXParser();
XMLReader xmlReader = parser.getXMLReader();
xmlReader.setEntityResolver(NOOP_RESOLVER);
return parser;
}
Example 5
| Source File: XMLParserUtils.java From teamengine with Apache License 2.0 | 6 votes |
|
/**
* Creates a SAXParser that is configured to resolve XInclude references but
* not perform schema validation.
*
* @param doBaseURIFixup
* A boolean value that specifies whether or not to add xml:base
* attributes when resolving xi:include elements; adding these
* attributes may render an instance document schema-invalid.
* @return An XInclude-aware SAXParser instance.
*
* @see <a href="http://www.w3.org/TR/xinclude/">XML Inclusions (XInclude)
* Version 1.0, Second Edition</a>
*/
public static SAXParser createXIncludeAwareSAXParser(boolean doBaseURIFixup) {
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setNamespaceAware(true);
factory.setXIncludeAware(true);
SAXParser parser = null;
try {
factory.setFeature(Constants.XERCES_FEATURE_PREFIX
+ Constants.XINCLUDE_FIXUP_BASE_URIS_FEATURE,
doBaseURIFixup);
parser = factory.newSAXParser();
} catch (Exception x) {
throw new RuntimeException(x);
}
return parser;
}
Example 6
| Source File: CatalogSupportBase.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
/**
* Returns an instance of SAXParser with a catalog if one is provided.
*
* @param setUseCatalog a flag indicates whether USE_CATALOG shall be set
* through the factory
* @param useCatalog the value of USE_CATALOG
* @param catalog a catalog
* @return an instance of SAXParser
* @throws ParserConfigurationException
* @throws SAXException
*/
SAXParser getSAXParser(boolean setUseCatalog, boolean useCatalog, String catalog)
throws ParserConfigurationException, SAXException {
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setNamespaceAware(true);
spf.setXIncludeAware(true);
if (setUseCatalog) {
spf.setFeature(XMLConstants.USE_CATALOG, useCatalog);
}
SAXParser parser = spf.newSAXParser();
parser.setProperty(CatalogFeatures.Feature.FILES.getPropertyName(), catalog);
return parser;
}
Example 7
| Source File: XslTransform.java From scipio-erp with Apache License 2.0 | 5 votes |
|
/**
* @param template the content or url of the xsl template
* @param data the content or url of the xml data file
* @throws TransformerException
*/
public static String renderTemplate(String template, String data)
throws TransformerException {
String result = null;
TransformerFactory tfactory = TransformerFactory.newInstance();
if (tfactory.getFeature(SAXSource.FEATURE)) {
// setup for xml data file preprocessing to be able to xinclude
SAXParserFactory pfactory= SAXParserFactory.newInstance();
pfactory.setNamespaceAware(true);
pfactory.setValidating(false);
pfactory.setXIncludeAware(true);
XMLReader reader = null;
try {
reader = pfactory.newSAXParser().getXMLReader();
} catch (Exception e) {
throw new TransformerException("Error creating SAX parser/reader", e);
}
// do the actual preprocessing
SAXSource source = new SAXSource(reader, new InputSource(data));
// compile the xsl template
Transformer transformer = tfactory.newTransformer(new StreamSource(template));
// and apply the xsl template to the source document and save in a result string
StringWriter sw = new StringWriter();
StreamResult sr = new StreamResult(sw);
transformer.transform(source, sr);
result = sw.toString();
} else {
Debug.logError("tfactory does not support SAX features!", module);
}
return result;
}
Example 8
| Source File: Resolver.java From xml-maven-plugin with Apache License 2.0 | 5 votes |
|
private Source asSaxSource( InputSource isource )
throws SAXException, ParserConfigurationException
{
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setValidating( validating );
spf.setNamespaceAware( true );
spf.setXIncludeAware( xincludeAware );
XMLReader xmlReader = spf.newSAXParser().getXMLReader();
xmlReader.setEntityResolver( this );
return new SAXSource( xmlReader, isource );
}
Example 9
| Source File: XmlFactoryConfiguration.java From rya with Apache License 2.0 | 5 votes |
|
/**
* Hardens the provided factory to protect against an XML External Entity (XXE) attack.
*
* @param factory - The factory to be modified.
* @throws SAXNotRecognizedException
* @throws SAXNotSupportedException
* @throws ParserConfigurationException
*/
public static void harden(final SAXParserFactory factory)
throws SAXNotRecognizedException, SAXNotSupportedException, ParserConfigurationException {
// From: https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet
// To protect a Java SAXParserFactory from XXE, do this:
// This is the PRIMARY defense. If DTDs (doctypes) are disallowed, almost all XML entity attacks are prevented
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
// If you can't completely disable DTDs, then at least do the following:
// Xerces 1 - http://xerces.apache.org/xerces-j/features.html#external-general-entities
// Xerces 2 - http://xerces.apache.org/xerces2-j/features.html#external-general-entities
// JDK7+ - http://xml.org/sax/features/external-general-entities
factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
// Xerces 1 - http://xerces.apache.org/xerces-j/features.html#external-parameter-entities
// Xerces 2 - http://xerces.apache.org/xerces2-j/features.html#external-parameter-entities
// JDK7+ - http://xml.org/sax/features/external-parameter-entities
factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
// Disable external DTDs as well
factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
// and these as well, per Timothy Morgan's 2014 paper: "XML Schema, DTD, and Entity Attacks" (see reference
// below)
factory.setXIncludeAware(false);
}
Example 10
| Source File: DomLoader.java From metafacture-core with Apache License 2.0 | 5 votes |
|
private static XMLReader createSaxReader(Schema schema) {
final SAXParserFactory parserFactory = SAXParserFactory.newInstance();
parserFactory.setSchema(schema);
parserFactory.setNamespaceAware(true);
parserFactory.setXIncludeAware(true);
try {
return parserFactory.newSAXParser().getXMLReader();
} catch (ParserConfigurationException | SAXException e) {
throw new MetafactureException(e);
}
}
