Package overit.geocall.xml

Class SecureXml

java.lang.Object
overit.geocall.xml.SecureXml
public class SecureXml extends Object

  • Method Summary

    Modifier and Type
    Method
    Description
    static DocumentBuilderFactory
    newDocumentBuilderFactory()
    Create a new DocumentBuilderFactory instance, enabling the attributes in order to prevent: the access to external DTD the access to external schema the unsafe document processing
    static SAXParserFactory
    newSAXParserFactory()
    Create a new SAXParserFactory instance, enabling the attributes in order to prevent: the access to external DTD the access to external schema the unsafe document processing
    static SchemaFactory
    newSchemaFactory(String schemaLanguage)
    Create a new SchemaFactory instance, enabling the attributes in order to prevent: the access to external DTD the access to external schema the unsafe document processing
    static TransformerFactory
    newTransformerFactory()
    Create a new TransformerFactory instance, enabling the attributes in order to prevent: the access to external DTD the access to external stylesheet the unsafe document processing
    static boolean
    secure(DocumentBuilderFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
    Secures the DocumentBuilderFactory, by preventing the the access to external DTD the access to external schema the access to external stylesheet
    static boolean
    secure(SAXParser parser, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
    Secures the SAXParser, by preventing the the access to external DTD the access to external schema the access to external stylesheet
    static boolean
    secure(TransformerFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
    Secures the TransformerFactory, by preventing the the access to external DTD the access to external schema the access to external stylesheet
    static boolean
    secure(SchemaFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
    Secures the SchemaFactory, by preventing the the access to external DTD the access to external schema the access to external stylesheet

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • newDocumentBuilderFactory

      public static DocumentBuilderFactory newDocumentBuilderFactory() throws ParserConfigurationException
      Create a new DocumentBuilderFactory instance, enabling the attributes in order to prevent:
      • the access to external DTD
      • the access to external schema
      • the unsafe document processing
      Returns:
      New instance of a DocumentBuilderFactory
      Throws:
      ParserConfigurationException - if this DocumentBuilderFactory or the DocumentBuilders it creates cannot support the XMLConstants.FEATURE_SECURE_PROCESSING feature.

    • newTransformerFactory

      public static TransformerFactory newTransformerFactory() throws TransformerConfigurationException
      Create a new TransformerFactory instance, enabling the attributes in order to prevent:
      • the access to external DTD
      • the access to external stylesheet
      • the unsafe document processing
      Returns:
      New instance of a TransformerFactory
      Throws:
      TransformerConfigurationException - if this TransformerFactory or the Transformers or Templates it creates cannot support the XMLConstants.FEATURE_SECURE_PROCESSING feature.

    • newSchemaFactory

      public static SchemaFactory newSchemaFactory(String schemaLanguage) throws SAXNotRecognizedException, SAXNotSupportedException
      Create a new SchemaFactory instance, enabling the attributes in order to prevent:
      • the access to external DTD
      • the access to external schema
      • the unsafe document processing
      Parameters:
      schemaLanguage - Specifies the schema language which the returned SchemaFactory will understand. The same as in SchemaFactory.newInstance(java.lang.String)
      Returns:
      New instance of a SchemaFactory
      Throws:
      SAXNotRecognizedException - If the feature value can't be assigned or retrieved.
      SAXNotSupportedException - If the feature value can't be assigned or retrieved.

    • newSAXParserFactory

      public static SAXParserFactory newSAXParserFactory() throws SAXException, ParserConfigurationException
      Create a new SAXParserFactory instance, enabling the attributes in order to prevent:
      • the access to external DTD
      • the access to external schema
      • the unsafe document processing
      Returns:
      New instance of a SAXParserFactory.
      Throws:
      ParserConfigurationException - if this SAXParserFactory cannot support the XMLConstants.FEATURE_SECURE_PROCESSING feature.
      SAXNotRecognizedException - If the feature value can't be assigned or retrieved.
      SAXException

    • secure

      public static boolean secure(DocumentBuilderFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
      Secures the DocumentBuilderFactory, by preventing the
      • the access to external DTD
      • the access to external schema
      • the access to external stylesheet
      Parameters:
      factory - the DocumentBuilderFactory's instance
      accessExternalDtd - true to prevent the access to external DTD
      accessExternalSchema - true to prevent the access to external schema
      accessExternalStylesheet - true to prevent the access to external stylesheet
      Returns:
      true if the configuration has been succeed; false otherwise,

    • secure

      public static boolean secure(TransformerFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet)
      Secures the TransformerFactory, by preventing the
      • the access to external DTD
      • the access to external schema
      • the access to external stylesheet
      Parameters:
      factory - the TransformerFactory's instance
      accessExternalDtd - true to prevent the access to external DTD
      accessExternalSchema - true to prevent the access to external schema
      accessExternalStylesheet - true to prevent the access to external stylesheet
      Returns:
      true if the configuration has been succeed; false otherwise,

    • secure

      public static boolean secure(SchemaFactory factory, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet) throws SAXNotRecognizedException, SAXNotSupportedException
      Secures the SchemaFactory, by preventing the
      • the access to external DTD
      • the access to external schema
      • the access to external stylesheet
      Parameters:
      factory - the SchemaFactory's instance
      accessExternalDtd - true to prevent the access to external DTD
      accessExternalSchema - true to prevent the access to external schema
      accessExternalStylesheet - true to prevent the access to external stylesheet
      Returns:
      true if the configuration has been succeed; false otherwise,
      Throws:
      SAXNotRecognizedException - If the property value can't be assigned or retrieved.
      SAXNotSupportedException - When the SchemaFactory recognizes the property name but cannot set the requested value.

    • secure

      public static boolean secure(SAXParser parser, String accessExternalDtd, String accessExternalSchema, String accessExternalStylesheet) throws SAXNotRecognizedException, SAXNotSupportedException
      Secures the SAXParser, by preventing the
      • the access to external DTD
      • the access to external schema
      • the access to external stylesheet
      Parameters:
      parser - the SAXParser's instance
      accessExternalDtd - true to prevent the access to external DTD
      accessExternalSchema - true to prevent the access to external schema
      accessExternalStylesheet - true to prevent the access to external stylesheet
      Returns:
      true if the configuration has been succeed; false otherwise
      Throws:
      SAXNotRecognizedException - When the underlying XMLReader does not recognize the property name.
      SAXNotSupportedException - When the underlying XMLReader recognizes the property name but doesn't support the property.