aboutsummaryrefslogtreecommitdiff
path: root/id/server/moa-id-commons/src
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-30 08:36:03 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-30 08:36:03 +0200
commitbd53025fa776091cd82d0fca57a28a5404fb4f37 (patch)
tree76cd9d099074c62949513ae269134bd3a31b1eae /id/server/moa-id-commons/src
parentc6edd632f9422a3873a85cd8b38b7e763a4bb5aa (diff)
downloadmoa-id-spss-bd53025fa776091cd82d0fca57a28a5404fb4f37.tar.gz
moa-id-spss-bd53025fa776091cd82d0fca57a28a5404fb4f37.tar.bz2
moa-id-spss-bd53025fa776091cd82d0fca57a28a5404fb4f37.zip
fix problem with XML parser and additional features options
Diffstat (limited to 'id/server/moa-id-commons/src')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java97
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java8
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java23
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java8
4 files changed, 113 insertions, 23 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index 0a07fc4a7..95cd63643 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -33,6 +33,7 @@ import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import java.util.Set;
import java.util.Vector;
@@ -115,7 +116,7 @@ public class DOMUtils {
private static final String EXTERNAL_PARAMETER_ENTITIES_FEATURE =
"http://xml.org/sax/features/external-parameter-entities";
- private static final String DISALLOW_DOCTYPE_FEATURE =
+ public static final String DISALLOW_DOCTYPE_FEATURE =
"http://apache.org/xml/features/disallow-doctype-decl";
@@ -205,7 +206,8 @@ public class DOMUtils {
String externalSchemaLocations,
String externalNoNamespaceSchemaLocation,
EntityResolver entityResolver,
- ErrorHandler errorHandler)
+ ErrorHandler errorHandler,
+ Map<String, Object> parserFeatures)
throws SAXException, IOException, ParserConfigurationException {
DOMParser parser;
@@ -247,8 +249,25 @@ public class DOMUtils {
parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false);
+ //set external added parser features
+ if (parserFeatures != null) {
+ for (Entry<String, Object> el : parserFeatures.entrySet()) {
+ String key = el.getKey();
+ if (MiscUtil.isNotEmpty(key)) {
+ Object value = el.getValue();
+ if (value != null && value instanceof Boolean)
+ parser.setFeature(key, (boolean)value);
+
+ else
+ Logger.warn("This XML parser only allows features with 'boolean' values");
+
+ } else
+ Logger.warn("Can not set 'null' feature to XML parser");
+ }
+ }
+
//fix XXE problem
- parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+ //parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
if (validating) {
@@ -346,6 +365,7 @@ public class DOMUtils {
* @param externalNoNamespaceSchemaLocation The schema location of the
* schema for elements without a namespace, the same way it is accepted by the
* <code>xsi:noNamespaceSchemaLocation</code> attribute.
+ * @param parserFeatures
* @return The parsed XML document as a DOM tree.
* @throws SAXException An error occurred parsing the document.
* @throws IOException An error occurred reading the document.
@@ -356,7 +376,7 @@ public class DOMUtils {
InputStream inputStream,
boolean validating,
String externalSchemaLocations,
- String externalNoNamespaceSchemaLocation)
+ String externalNoNamespaceSchemaLocation, Map<String, Object> parserFeatures)
throws SAXException, IOException, ParserConfigurationException {
@@ -367,7 +387,8 @@ public class DOMUtils {
externalSchemaLocations,
externalNoNamespaceSchemaLocation,
new MOAEntityResolver(),
- new MOAErrorHandler());
+ new MOAErrorHandler(),
+ parserFeatures);
}
/**
@@ -396,6 +417,46 @@ public class DOMUtils {
String encoding,
boolean validating,
String externalSchemaLocations,
+ String externalNoNamespaceSchemaLocation,
+ Map<String, Object> parserFeatures)
+ throws SAXException, IOException, ParserConfigurationException {
+
+ InputStream in = new ByteArrayInputStream(xmlString.getBytes(encoding));
+ return parseDocument(
+ in,
+ validating,
+ externalSchemaLocations,
+ externalNoNamespaceSchemaLocation,
+ parserFeatures);
+ }
+
+
+ /**
+ * Parse an XML document from a <code>String</code>.
+ *
+ * It uses a <code>MOAEntityResolver</code> as the <code>EntityResolver</code>
+ * and a <code>MOAErrorHandler</code> as the <code>ErrorHandler</code>.
+ *
+ * @param xmlString The <code>String</code> containing the XML document.
+ * @param encoding The encoding of the XML document.
+ * @param validating If <code>true</code>, parse validating.
+ * @param externalSchemaLocations A <code>String</code> containing namespace
+ * URI to schema location pairs, the same way it is accepted by the <code>xsi:
+ * schemaLocation</code> attribute.
+ * @param externalNoNamespaceSchemaLocation The schema location of the
+ * schema for elements without a namespace, the same way it is accepted by the
+ * <code>xsi:noNamespaceSchemaLocation</code> attribute.
+ * @return The parsed XML document as a DOM tree.
+ * @throws SAXException An error occurred parsing the document.
+ * @throws IOException An error occurred reading the document.
+ * @throws ParserConfigurationException An error occurred configuring the XML
+ * parser.
+ */
+ public static Document parseDocument(
+ String xmlString,
+ String encoding,
+ boolean validating,
+ String externalSchemaLocations,
String externalNoNamespaceSchemaLocation)
throws SAXException, IOException, ParserConfigurationException {
@@ -404,7 +465,8 @@ public class DOMUtils {
in,
validating,
externalSchemaLocations,
- externalNoNamespaceSchemaLocation);
+ externalNoNamespaceSchemaLocation,
+ null);
}
/**
@@ -453,7 +515,26 @@ public class DOMUtils {
public static Element parseXmlValidating(InputStream inputStream)
throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
+ .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, null)
+ .getDocumentElement();
+ }
+
+ /**
+ * A convenience method to parse an XML document validating.
+ *
+ * @param inputStream The <code>InputStream</code> containing the XML
+ * document.
+ * @param parserFeatures Set additional features to XML parser
+ * @return The root element of the parsed XML document.
+ * @throws SAXException An error occurred parsing the document.
+ * @throws IOException An error occurred reading the document.
+ * @throws ParserConfigurationException An error occurred configuring the XML
+ * parser.
+ */
+ public static Element parseXmlValidating(InputStream inputStream, Map<String, Object> parserFeatures)
+ throws ParserConfigurationException, SAXException, IOException {
+ return DOMUtils
+ .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, parserFeatures)
.getDocumentElement();
}
@@ -471,7 +552,7 @@ public class DOMUtils {
public static Element parseXmlNonValidating(InputStream inputStream)
throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null)
+ .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, null)
.getDocumentElement();
}
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java
index ba7a0edc4..c0a93bf03 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/AllTests.java
@@ -24,16 +24,10 @@
package test.at.gv.egovernment.moa;
-import test.at.gv.egovernment.moa.util.DOMUtilsTest;
-import test.at.gv.egovernment.moa.util.DateTimeUtilsTest;
-import test.at.gv.egovernment.moa.util.KeyStoreUtilsTest;
-import test.at.gv.egovernment.moa.util.SSLUtilsTest;
-import test.at.gv.egovernment.moa.util.XPathUtilsTest;
-
import junit.awtui.TestRunner;
import junit.framework.Test;
import junit.framework.TestSuite;
-
+
/**
* @author patrick
* @version $Id$
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java
index 5d1c5371a..66bf1faff 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/MOATestCase.java
@@ -26,18 +26,19 @@ package test.at.gv.egovernment.moa;
import java.io.FileInputStream;
import java.io.StringReader;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
-
import org.xml.sax.InputSource;
-import junit.framework.TestCase;
-
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
+import junit.framework.TestCase;
/**
* Base class for MOA test cases.
@@ -51,6 +52,16 @@ public class MOATestCase extends TestCase {
protected static final String TESTDATA_ROOT = "data/test/";
+ protected static final Map<String, Object> parserFeatures =
+ Collections.unmodifiableMap(new HashMap<String, Object>() {
+ private static final long serialVersionUID = 1L;
+ {
+ put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+
+ }
+ });
+
+
/**
* Constructor for MOATestCase.
* @param arg0
@@ -67,7 +78,8 @@ public class MOATestCase extends TestCase {
new FileInputStream(fileName),
false,
null,
- null);
+ null,
+ parserFeatures);
}
/**
@@ -80,7 +92,8 @@ public class MOATestCase extends TestCase {
new FileInputStream(fileName),
true,
Constants.ALL_SCHEMA_LOCATIONS,
- null);
+ null,
+ parserFeatures);
}
/**
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java
index 1a2b6904d..7b1c0cb67 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/DOMUtilsTest.java
@@ -23,6 +23,7 @@
package test.at.gv.egovernment.moa.util;
+
import java.io.FileInputStream;
import java.util.Map;
@@ -30,10 +31,9 @@ import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
-import test.at.gv.egovernment.moa.*;
-
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
+import test.at.gv.egovernment.moa.MOATestCase;
/**
* @author Patrick Peck
@@ -78,7 +78,8 @@ public class DOMUtilsTest extends MOATestCase {
new FileInputStream(fileName),
true,
Constants.ALL_SCHEMA_LOCATIONS,
- null);
+ null,
+ parserFeatures);
}
public void testParseCreateXMLSignature() throws Exception {
@@ -113,6 +114,7 @@ public class DOMUtilsTest extends MOATestCase {
new FileInputStream(fileName),
false,
null,
+ null,
null);
}