aboutsummaryrefslogtreecommitdiff
path: root/id/server/moa-id-commons
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/moa-id-commons')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java14
1 files changed, 11 insertions, 3 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index fed968443..62a168ac8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -28,6 +28,7 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -542,6 +543,7 @@ public class DOMUtils {
/**
* A convenience method to parse an XML document non validating.
+ * This method disallow DocType declarations
*
* @param inputStream The <code>InputStream</code> containing the XML
* document.
@@ -552,10 +554,16 @@ public class DOMUtils {
* parser.
*/
public static Element parseXmlNonValidating(InputStream inputStream)
- throws ParserConfigurationException, SAXException, IOException {
+ throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null, null)
- .getDocumentElement();
+ .parseDocument(inputStream, false, Constants.ALL_SCHEMA_LOCATIONS, null,
+ Collections.unmodifiableMap(new HashMap<String, Object>() {
+ private static final long serialVersionUID = 1L;
+ {
+ put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+
+ }
+ })).getDocumentElement();
}
/**