List of usage examples for javax.xml.stream XMLInputFactory setProperty
public abstract void setProperty(java.lang.String name, Object value) throws java.lang.IllegalArgumentException;
From source file:com.ikanow.infinit.e.data_model.custom.InfiniteFileInputXmlParser.java
@Override public InfiniteFileInputParser initialize(InputStream inStream, SourceFileConfigPojo fileConfig) throws IOException { // Processing logic levelOneFields = new ArrayList<String>(); ignoreFields = new ArrayList<String>(); if (null != fileConfig.XmlPreserveCase) { this.bPreserveCase = fileConfig.XmlPreserveCase; }// w w w . j ava 2 s .c o m XmlSourceName = fileConfig.XmlSourceName; PKElement = fileConfig.XmlPrimaryKey; setLevelOneField(fileConfig.XmlRootLevelValues); setIgnoreField(fileConfig.XmlIgnoreValues); AttributePrefix = fileConfig.XmlAttributePrefix; _sb = new StringBuffer(); // Input stream -> reader XMLInputFactory factory = XMLInputFactory.newInstance(); factory.setProperty(XMLInputFactory.IS_COALESCING, true); factory.setProperty(XMLInputFactory.SUPPORT_DTD, false); try { _xmlStreamReader = factory.createXMLStreamReader(inStream); } catch (XMLStreamException e) { throw new IOException(e); } return this; }
From source file:com.norconex.collector.http.sitemap.impl.DefaultSitemapResolver.java
private void parseLocation(InputStream is, DefaultHttpClient httpClient, SitemapURLStore sitemapURLStore, Set<String> resolvedLocations, String location) throws XMLStreamException { XMLInputFactory inputFactory = XMLInputFactory.newInstance(); inputFactory.setProperty(XMLInputFactory.IS_COALESCING, true); XMLStreamReader xmlReader = inputFactory.createXMLStreamReader(is); ParseState parseState = new ParseState(); String locationDir = StringUtils.substringBeforeLast(location, "/"); int event = xmlReader.getEventType(); while (true) { switch (event) { case XMLStreamConstants.START_ELEMENT: String tag = xmlReader.getLocalName(); parseStartElement(parseState, tag); break; case XMLStreamConstants.CHARACTERS: String value = xmlReader.getText(); if (parseState.sitemapIndex && parseState.loc) { resolveLocation(value, httpClient, sitemapURLStore, resolvedLocations); parseState.loc = false;/*from ww w. ja v a2 s . com*/ } else if (parseState.baseURL != null) { parseCharacters(parseState, value); } break; case XMLStreamConstants.END_ELEMENT: tag = xmlReader.getLocalName(); parseEndElement(sitemapURLStore, parseState, locationDir, tag); break; } if (!xmlReader.hasNext()) { break; } event = xmlReader.next(); } }
From source file:edu.unc.lib.dl.services.TripleStoreManagerMulgaraImpl.java
/** * @param query/*from w w w. ja v a 2 s . c o m*/ * an ITQL command * @return the message returned by Mulgara * @throws RemoteException * for communication failure */ public String storeCommand(String query) { String result = null; String response = this.sendTQL(query); if (response != null) { StringReader sr = new StringReader(response); XMLInputFactory factory = XMLInputFactory.newInstance(); factory.setProperty(XMLInputFactory.IS_COALESCING, Boolean.TRUE); XMLEventReader r = null; try { boolean inMessage = false; StringBuffer message = new StringBuffer(); r = factory.createXMLEventReader(sr); while (r.hasNext()) { XMLEvent e = r.nextEvent(); if (e.isStartElement()) { StartElement s = e.asStartElement(); if ("message".equals(s.getName().getLocalPart())) { inMessage = true; } } else if (e.isEndElement()) { EndElement end = e.asEndElement(); if ("message".equals(end.getName().getLocalPart())) { inMessage = false; } } else if (inMessage && e.isCharacters()) { message.append(e.asCharacters().getData()); } } result = message.toString(); } catch (XMLStreamException e) { e.printStackTrace(); } finally { if (r != null) { try { r.close(); } catch (Exception ignored) { log.error(ignored); } } } sr.close(); } return result; }
From source file:com.streamsets.pipeline.lib.xml.StreamingXmlParser.java
public StreamingXmlParser(Reader reader, String recordElement, Map<String, String> namespaces, long initialPosition, boolean useFieldAttributesInsteadOfFields) throws IOException, XMLStreamException { this.reader = reader; this.useFieldAttributesInsteadOfFields = useFieldAttributesInsteadOfFields; if (Strings.isNullOrEmpty(recordElement)) { this.recordElement = Constants.ROOT_ELEMENT_PATH; } else {/* w w w . j a v a 2 s . c o m*/ this.recordElement = recordElement; } XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty("javax.xml.stream.isCoalescing", true); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); factory.setProperty("javax.xml.stream.supportDTD", false); this.xmlEventReader = new XPathMatchingEventReader(factory.createXMLEventReader(reader), this.recordElement, namespaces); while (hasNext(xmlEventReader) && !peek(xmlEventReader).isEndDocument() && !peek(xmlEventReader).isStartElement()) { read(xmlEventReader); } if (recordElement == null || recordElement.isEmpty()) { StartElement startE = (StartElement) peek(xmlEventReader); this.recordElement = startE.getName().getLocalPart(); } else { //consuming root StartElement startE = (StartElement) read(xmlEventReader); elementNameStack.addFirst(getNameAndTrackNs(startE.getName())); } if (initialPosition > 0) { //fastforward to initial position while (hasNext(xmlEventReader) && peek(xmlEventReader).getLocation().getCharacterOffset() < initialPosition) { read(xmlEventReader); fastForwardLeaseReader(); } xmlEventReader.clearLastMatch(); } }
From source file:ca.efendi.datafeeds.messaging.FtpSubscriptionMessageListener.java
private void parse(FtpSubscription ftpSubscription, final InputStream is) throws XMLStreamException { final XMLInputFactory factory = XMLInputFactory.newInstance(); factory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, true); factory.setProperty(XMLInputFactory.IS_COALESCING, true); final XMLStreamReader reader = factory.createXMLStreamReader(is, "UTF-8"); CJProduct product = null;/*from ww w .java 2 s . c o m*/ String tagContent = null; //final ServiceContext serviceContext = new ServiceContext(); //ServiceContext serviceContext = ServiceContextFactory.getInstance( // BlogsEntry.class.getName(), actionRequest); //serviceContext.setScopeGroupId(20159); while (reader.hasNext()) { final int event = reader.next(); switch (event) { case XMLStreamConstants.START_ELEMENT: //tagContent = ""; if ("product".equals(reader.getLocalName())) { product = _cjProductLocalService.createCJProduct(0); } break; case XMLStreamConstants.CHARACTERS: //tagContent += reader.getText().trim(); tagContent = reader.getText().trim(); break; case XMLStreamConstants.END_ELEMENT: switch (reader.getLocalName()) { case "product": try { _log.warn("refreshing document..."); _cjProductLocalService.refresh(ftpSubscription, product); } catch (final SystemException e) { _log.error(e); } catch (final PortalException e) { _log.error(e); } break; case "programname": product.setProgramName(tagContent); break; case "programurl": product.setProgramUrl(tagContent); break; case "catalogname": product.setCatalogName(tagContent); break; case "lastupdated": product.setLastUpdated(tagContent); break; case "name": product.setName(tagContent); break; case "keywords": product.setKeywords(tagContent); break; case "description": product.setDescription(tagContent); break; case "sku": product.setSku(tagContent); break; case "manufacturer": product.setManufacturer(tagContent); break; case "manufacturerid": product.setManufacturerId(tagContent); break; case "currency": product.setCurrency(tagContent); break; case "price": product.setPrice(tagContent); break; case "buyurl": product.setBuyUrl(tagContent); break; case "impressionurl": product.setImpressionUrl(tagContent); break; case "imageurl": product.setImageUrl(tagContent); break; case "instock": product.setInStock(tagContent); break; } break; case XMLStreamConstants.START_DOCUMENT: break; } } }
From source file:at.gv.egiz.slbinding.SLUnmarshaller.java
/** * @param source a StreamSource wrapping a Reader (!) for the marshalled Object * @return the unmarshalled Object//from w w w. j a v a 2 s . c om * @throws XMLStreamException * @throws JAXBException */ public Object unmarshal(StreamSource source) throws XMLStreamException, JAXBException { Reader inputReader = source.getReader(); /* Validate XML against XXE, XEE, and SSRF * * This pre-validation step is required because com.sun.xml.stream.sjsxp-1.0.2 XML stream parser library does not * support all XML parser features to prevent these types of attacks */ if (inputReader instanceof InputStreamReader) { try { //create copy of input stream InputStreamReader isReader = (InputStreamReader) inputReader; String encoding = isReader.getEncoding(); byte[] backup = IOUtils.toByteArray(isReader, encoding); //validate input stream DOMUtils.validateXMLAgainstXXEAndSSRFAttacks(new ByteArrayInputStream(backup)); //create new inputStreamReader for reak processing inputReader = new InputStreamReader(new ByteArrayInputStream(backup), encoding); } catch (XMLStreamException e) { log.error("XML data validation FAILED with msg: " + e.getMessage(), e); throw new XMLStreamException("XML data validation FAILED with msg: " + e.getMessage(), e); } catch (IOException e) { log.error("XML data validation FAILED with msg: " + e.getMessage(), e); throw new XMLStreamException("XML data validation FAILED with msg: " + e.getMessage(), e); } } else { log.error("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); log.error( "Reader is not of type InputStreamReader -> can not make a copy of the InputStream --> extended XML validation is not possible!!! "); log.error("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); } /* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * parse XML with original functionality * * This code implements the the original mocca XML processing by using * com.sun.xml.stream.sjsxp-1.0.2 XML stream parser library. Currently, this library is required to get full * security-layer specific XML processing. However, this lib does not fully support XXE, XEE and SSRF * prevention mechanisms (e.g.: XMLInputFactory.SUPPORT_DTD flag is not used) * * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */ XMLInputFactory inputFactory = XMLInputFactory.newInstance(); //disallow DTD and external entities inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false); inputFactory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); XMLEventReader eventReader = inputFactory.createXMLEventReader(inputReader); RedirectEventFilter redirectEventFilter = new RedirectEventFilter(); XMLEventReader filteredReader = inputFactory.createFilteredReader(eventReader, redirectEventFilter); Unmarshaller unmarshaller = jaxbContext.createUnmarshaller(); ReportingValidationEventHandler validationEventHandler = new ReportingValidationEventHandler(); unmarshaller.setEventHandler(validationEventHandler); unmarshaller.setListener(new RedirectUnmarshallerListener(redirectEventFilter)); unmarshaller.setSchema(slSchema); Object object; try { log.trace("Before unmarshal()."); object = unmarshaller.unmarshal(filteredReader); log.trace("After unmarshal()."); } catch (UnmarshalException e) { if (log.isDebugEnabled()) { log.debug("Failed to unmarshal security layer message.", e); } else { log.info("Failed to unmarshal security layer message." + (e.getMessage() != null ? " " + e.getMessage() : "")); } if (validationEventHandler.getErrorEvent() != null) { ValidationEvent errorEvent = validationEventHandler.getErrorEvent(); if (e.getLinkedException() == null) { e.setLinkedException(errorEvent.getLinkedException()); } } throw e; } return object; }
From source file:edu.harvard.iq.dvn.core.analysis.NetworkDataServiceBean.java
private void processXML(String fileName, NetworkDataFile ndf) throws XMLStreamException, IOException { File file = new File(fileName); FileReader fileReader = new FileReader(file); javax.xml.stream.XMLInputFactory xmlif = javax.xml.stream.XMLInputFactory.newInstance(); xmlif.setProperty("javax.xml.stream.isCoalescing", java.lang.Boolean.TRUE); XMLStreamReader xmlr = xmlif.createXMLStreamReader(fileReader); for (int event = xmlr.next(); event != XMLStreamConstants.END_DOCUMENT; event = xmlr.next()) { if (event == XMLStreamConstants.START_ELEMENT) { if (xmlr.getLocalName().equals("key")) processKey(xmlr, ndf);//from w ww . jav a 2 s .c om else if (xmlr.getLocalName().equals("graph")) processGraph(xmlr, ndf); } else if (event == XMLStreamConstants.END_ELEMENT) { if (xmlr.getLocalName().equals("graphml")) return; } } // If #nodes and #edges is not set, then go thru list to count them }
From source file:org.restlet.ext.jackson.JacksonRepresentation.java
/** * Creates a Jackson object mapper based on a media type. It supports JSON, * JSON Smile, XML, YAML and CSV.//from ww w . ja v a 2 s. c o m * * @return The Jackson object mapper. */ protected ObjectMapper createObjectMapper() { ObjectMapper result = null; if (MediaType.APPLICATION_JSON.isCompatible(getMediaType())) { JsonFactory jsonFactory = new JsonFactory(); jsonFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new ObjectMapper(jsonFactory); } else if (MediaType.APPLICATION_JSON_SMILE.isCompatible(getMediaType())) { SmileFactory smileFactory = new SmileFactory(); smileFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new ObjectMapper(smileFactory); // [ifndef android] } else if (MediaType.APPLICATION_XML.isCompatible(getMediaType()) || MediaType.TEXT_XML.isCompatible(getMediaType())) { javax.xml.stream.XMLInputFactory xif = XmlFactoryProvider.newInputFactory(); xif.setProperty(javax.xml.stream.XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, isExpandingEntityRefs()); xif.setProperty(javax.xml.stream.XMLInputFactory.SUPPORT_DTD, isExpandingEntityRefs()); xif.setProperty(javax.xml.stream.XMLInputFactory.IS_VALIDATING, isValidatingDtd()); javax.xml.stream.XMLOutputFactory xof = XmlFactoryProvider.newOutputFactory(); XmlFactory xmlFactory = new XmlFactory(xif, xof); xmlFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new XmlMapper(xmlFactory); // [enddef] } else if (MediaType.APPLICATION_YAML.isCompatible(getMediaType()) || MediaType.TEXT_YAML.isCompatible(getMediaType())) { YAMLFactory yamlFactory = new YAMLFactory(); yamlFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new ObjectMapper(yamlFactory); } else if (MediaType.TEXT_CSV.isCompatible(getMediaType())) { CsvFactory csvFactory = new CsvFactory(); csvFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new CsvMapper(csvFactory); } else { JsonFactory jsonFactory = new JsonFactory(); jsonFactory.configure(Feature.AUTO_CLOSE_TARGET, false); result = new ObjectMapper(jsonFactory); } return result; }
From source file:microsoft.exchange.webservices.data.core.EwsXmlReader.java
/** * Initializes the XML reader./*w ww . j a va 2s . c o m*/ * * @param stream the stream * @return An XML reader to use. * @throws Exception on error */ protected XMLEventReader initializeXmlReader(InputStream stream) throws Exception { XMLInputFactory inputFactory = XMLInputFactory.newInstance(); inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false); return inputFactory.createXMLEventReader(stream); }
From source file:ca.uhn.fhir.util.XmlUtil.java
private static XMLInputFactory getOrCreateInputFactory() throws FactoryConfigurationError { if (ourInputFactory == null) { try {/*from w w w.j av a2s .c o m*/ // Detect if we're running with the Android lib, and force repackaged Woodstox to be used Class.forName("ca.uhn.fhir.repackage.javax.xml.stream.XMLInputFactory"); System.setProperty("javax.xml.stream.XMLInputFactory", "com.ctc.wstx.stax.WstxInputFactory"); } catch (ClassNotFoundException e) { // ok } XMLInputFactory inputFactory = newInputFactory(); if (!ourHaveLoggedStaxImplementation) { logStaxImplementation(inputFactory.getClass()); } /* * These two properties disable external entity processing, which can * be a security vulnerability. * * See https://github.com/jamesagnew/hapi-fhir/issues/339 * https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing */ inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false); // This disables DTDs entirely for that factory inputFactory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); // disable external entities /* * In the following few lines, you can uncomment the first and comment the second to disable automatic * parsing of extended entities, e.g. § * * Note that these properties are Woodstox specific and they cause a crash in environments where SJSXP is * being used (e.g. glassfish) so we don't set them there. */ try { Class.forName("com.ctc.wstx.stax.WstxInputFactory"); if (inputFactory instanceof com.ctc.wstx.stax.WstxInputFactory) { // inputFactory.setProperty(WstxInputFactory.IS_REPLACING_ENTITY_REFERENCES, false); inputFactory.setProperty(WstxInputProperties.P_UNDECLARED_ENTITY_RESOLVER, XML_RESOLVER); try { inputFactory.setProperty(WstxInputProperties.P_MAX_ATTRIBUTE_SIZE, "100000000"); } catch (IllegalArgumentException e) { // ignore } } } catch (ClassNotFoundException e) { ourLog.debug("WstxOutputFactory (Woodstox) not found on classpath"); } ourInputFactory = inputFactory; } return ourInputFactory; }