List of usage examples for javax.xml XMLConstants ACCESS_EXTERNAL_DTD
String ACCESS_EXTERNAL_DTD
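Restrict access to external DTDs and external Entity References to the protocols specified. The value is a list of permitted protocols; the empty string used in the examples below permits none, so no external DTD or external entity is fetched.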
From source file:Main.java
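/**
 * Executes an identity transformation from {@code source} to {@code result}.
 * <br>The output encoding is set to {@code DEFAULT_ENCODING} (UTF-8 according to the original
 * documentation; the constant is defined elsewhere in the class) and the output method to "xml".
 *
 * <p>Security: the factory is configured before any transformer is created so that the XML
 * processing it performs cannot fetch external DTDs, external entities or external stylesheets,
 * and the JAXP secure-processing feature is switched on. These settings only govern parsing done
 * by the transformer itself; a {@code DOMSource} has already been parsed by the caller and must
 * have been built with an equally restricted parser.
 *
 * @param source the transformation source
 * @param result the transformation result
 * @param indent if true, the output indent key is set to "yes" and the indent amount to 2
 * @throws TransformerException if an exception occurs
 * @throws IllegalArgumentException if the {@code TransformerFactory} implementation does not
 *         recognise the JAXP 1.5 access attributes
 */
public static void transform(javax.xml.transform.Source source, javax.xml.transform.Result result,
        boolean indent) throws TransformerException {
    TransformerFactory factory = TransformerFactory.newInstance();

    // An empty protocol list means "no protocol allowed": external DTDs and external entity
    // references cannot be resolved while the source document is parsed.
    factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
    // Defence in depth: no stylesheet is loaded here (identity transformer), but the same factory
    // restriction also covers xsl:import / xsl:include and document() should that ever change.
    factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
    factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
    // NOTE(review): DOCTYPE declarations are still accepted; only external fetches are blocked.
    // The original carried a disabled attempt to set the Xerces "disallow-doctype-decl" feature on
    // this factory; rejecting DOCTYPEs outright has to be done on the parser that feeds the source.

    Transformer transformer = factory.newTransformer();
    transformer.setOutputProperty(OutputKeys.ENCODING, DEFAULT_ENCODING);
    transformer.setOutputProperty(OutputKeys.METHOD, "xml");
    if (indent) {
        transformer.setOutputProperty(OutputKeys.INDENT, "yes");
        // Xalan-specific key; controls the number of spaces per indent level.
        transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2");
    }
    transformer.transform(source, result);
}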
From source file:ca.uhn.fhir.validation.SchemaBaseValidator.java
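/**
 * Validates the resource held by {@code theContext} against the named XML schema.
 *
 * <p>A resource that is not already XML-encoded is first serialised to XML with the context's
 * FHIR XML parser. A {@code SAXParseException} raised during validation is recorded on the
 * context as a FATAL validation message carrying its line and column.
 *
 * <p>Security: before the document is parsed, external DTD and external schema access are each
 * restricted to the empty protocol list (nothing allowed) to prevent XXE. The two properties are
 * applied independently so that one unrecognised property does not leave the other unset.
 * NOTE(review): when the validator does not recognise a property this method only logs a warning
 * and validates anyway, i.e. it fails open on pre-JAXP-1.5 implementations; such deployments need
 * to be hardened by other means.
 *
 * @param theContext validation context supplying the resource and receiving messages
 * @param schemaName name of the schema, loaded through {@code loadSchema("dstu", schemaName)}
 * @throws ConfigurationException on any other {@code SAXException} or on an {@code IOException}
 */
private void doValidate(IValidationContext<?> theContext, String schemaName) {
    Schema schema = loadSchema("dstu", schemaName);
    try {
        Validator validator = schema.newValidator();
        MyErrorHandler handler = new MyErrorHandler(theContext);
        validator.setErrorHandler(handler);

        String encodedResource;
        if (theContext.getResourceAsStringEncoding() == EncodingEnum.XML) {
            encodedResource = theContext.getResourceAsString();
        } else {
            encodedResource = theContext.getFhirContext().newXmlParser()
                    .encodeResourceToString((IBaseResource) theContext.getResource());
        }

        /*
         * See https://github.com/jamesagnew/hapi-fhir/issues/339
         * https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
         */
        String[] accessProperties = {
            XMLConstants.ACCESS_EXTERNAL_DTD, XMLConstants.ACCESS_EXTERNAL_SCHEMA
        };
        for (String accessProperty : accessProperties) {
            try {
                validator.setProperty(accessProperty, "");
            } catch (SAXNotRecognizedException ex) {
                // Best effort: continue with the next property instead of skipping it.
                ourLog.warn("Jaxp 1.5 Support not found.", ex);
            }
        }

        validator.validate(new StreamSource(new StringReader(encodedResource)));
    } catch (SAXParseException e) {
        SingleValidationMessage message = new SingleValidationMessage();
        message.setLocationLine(e.getLineNumber());
        message.setLocationCol(e.getColumnNumber());
        message.setMessage(e.getLocalizedMessage());
        message.setSeverity(ResultSeverityEnum.FATAL);
        theContext.addValidationMessage(message);
    } catch (SAXException | IOException e) {
        // Catch all. This includes SAXNotSupportedException from setProperty above.
        throw new ConfigurationException("Could not load/parse schema file", e);
    }
}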
From source file:ca.uhn.fhir.validation.SchemaBaseValidator.java
/**
 * Returns the compiled schema for the given version and schema name, compiling and caching it on
 * first use.
 *
 * <p>The cache ({@code myKeyToSchema}) is keyed by {@code theVersion + "-" + theSchemaName}, and
 * lookup and compilation both happen while holding its monitor.
 *
 * <p>Security: external DTD access is restricted to the empty protocol list on the schema
 * factory before the schema is compiled. If the factory does not recognise the property, a
 * warning is logged and the schema is compiled without that restriction.
 * NOTE(review): {@code ACCESS_EXTERNAL_SCHEMA} is not set here; schema imports and includes
 * presumably go through {@code MyResourceResolver}. Confirm that it only serves bundled resources.
 *
 * @param theVersion version label, used only as part of the cache key
 * @param theSchemaName name of the schema resource to load
 * @return the cached or newly compiled schema
 * @throws ConfigurationException if the schema cannot be compiled
 */
private Schema loadSchema(String theVersion, String theSchemaName) {
    final String cacheKey = theVersion + "-" + theSchemaName;

    synchronized (myKeyToSchema) {
        Schema compiled = myKeyToSchema.get(cacheKey);
        if (compiled == null) {
            Source rootSchemaSource = loadXml(null, theSchemaName);

            SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
            factory.setResourceResolver(new MyResourceResolver());

            try {
                try {
                    /*
                     * See https://github.com/jamesagnew/hapi-fhir/issues/339
                     * https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
                     */
                    factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
                } catch (SAXNotRecognizedException notRecognized) {
                    // Best effort only: compilation continues without the restriction.
                    ourLog.warn("Jaxp 1.5 Support not found.", notRecognized);
                }
                compiled = factory.newSchema(new Source[] {rootSchemaSource});
            } catch (SAXException e) {
                throw new ConfigurationException("Could not load/parse schema file: " + theSchemaName, e);
            }

            myKeyToSchema.put(cacheKey, compiled);
        }
        return compiled;
    }
}