1 /*
2 * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
3 */
4 /*
5 * Licensed to the Apache Software Foundation (ASF) under one or more
6 * contributor license agreements. See the NOTICE file distributed with
7 * this work for additional information regarding copyright ownership.
8 * The ASF licenses this file to You under the Apache License, Version 2.0
9 * (the "License"); you may not use this file except in compliance with
10 * the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 */
20
21 package com.sun.org.apache.xerces.internal.jaxp;
22
23 import java.io.IOException;
24 import java.util.Iterator;
25 import java.util.Map;
26
27 import javax.xml.parsers.DocumentBuilder;
28 import javax.xml.validation.Schema;
29 import javax.xml.XMLConstants;
30
31 import com.sun.org.apache.xerces.internal.dom.DOMImplementationImpl;
32 import com.sun.org.apache.xerces.internal.dom.DOMMessageFormatter;
33 import com.sun.org.apache.xerces.internal.impl.Constants;
34 import com.sun.org.apache.xerces.internal.impl.validation.ValidationManager;
35 import com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator;
36 import com.sun.org.apache.xerces.internal.jaxp.validation.XSGrammarPoolContainer;
37 import com.sun.org.apache.xerces.internal.parsers.DOMParser;
38 import com.sun.org.apache.xerces.internal.utils.XMLSecurityManager;
39 import com.sun.org.apache.xerces.internal.utils.XMLSecurityPropertyManager;
40 import com.sun.org.apache.xerces.internal.utils.XMLSecurityPropertyManager.Property;
41 import com.sun.org.apache.xerces.internal.utils.XMLSecurityPropertyManager.State;
42 import com.sun.org.apache.xerces.internal.xni.XMLDocumentHandler;
43 import com.sun.org.apache.xerces.internal.xni.parser.XMLComponent;
44 import com.sun.org.apache.xerces.internal.xni.parser.XMLComponentManager;
45 import com.sun.org.apache.xerces.internal.xni.parser.XMLConfigurationException;
46 import com.sun.org.apache.xerces.internal.xni.parser.XMLDocumentSource;
47 import com.sun.org.apache.xerces.internal.xni.parser.XMLParserConfiguration;
48 import org.w3c.dom.DOMImplementation;
49 import org.w3c.dom.Document;
50 import org.xml.sax.EntityResolver;
51 import org.xml.sax.ErrorHandler;
52 import org.xml.sax.InputSource;
53 import org.xml.sax.SAXException;
54 import org.xml.sax.SAXNotRecognizedException;
55 import org.xml.sax.SAXNotSupportedException;
56
57 /**
58 * @author Rajiv Mordani
59 * @author Edwin Goei
60 */
61 public class DocumentBuilderImpl extends DocumentBuilder
62 implements JAXPConstants
63 {
64 /** Feature identifier: namespaces. */
65 private static final String NAMESPACES_FEATURE =
66 Constants.SAX_FEATURE_PREFIX + Constants.NAMESPACES_FEATURE;
67
68 /** Feature identifier: include ignorable white space. */
69 private static final String INCLUDE_IGNORABLE_WHITESPACE =
70 Constants.XERCES_FEATURE_PREFIX + Constants.INCLUDE_IGNORABLE_WHITESPACE;
71
72 /** Feature identifier: create entiry ref nodes feature. */
73 private static final String CREATE_ENTITY_REF_NODES_FEATURE =
74 Constants.XERCES_FEATURE_PREFIX + Constants.CREATE_ENTITY_REF_NODES_FEATURE;
75
76 /** Feature identifier: include comments feature. */
77 private static final String INCLUDE_COMMENTS_FEATURE =
78 Constants.XERCES_FEATURE_PREFIX + Constants.INCLUDE_COMMENTS_FEATURE;
79
80 /** Feature identifier: create cdata nodes feature. */
81 private static final String CREATE_CDATA_NODES_FEATURE =
82 Constants.XERCES_FEATURE_PREFIX + Constants.CREATE_CDATA_NODES_FEATURE;
83
84 /** Feature identifier: XInclude processing */
85 private static final String XINCLUDE_FEATURE =
86 Constants.XERCES_FEATURE_PREFIX + Constants.XINCLUDE_FEATURE;
87
88 /** feature identifier: XML Schema validation */
89 private static final String XMLSCHEMA_VALIDATION_FEATURE =
90 Constants.XERCES_FEATURE_PREFIX + Constants.SCHEMA_VALIDATION_FEATURE;
91
92 /** Feature identifier: validation */
93 private static final String VALIDATION_FEATURE =
94 Constants.SAX_FEATURE_PREFIX + Constants.VALIDATION_FEATURE;
95
96 /** Property identifier: security manager. */
97 private static final String SECURITY_MANAGER =
98 Constants.XERCES_PROPERTY_PREFIX + Constants.SECURITY_MANAGER_PROPERTY;
99
100 /** Property identifier: Security property manager. */
101 private static final String XML_SECURITY_PROPERTY_MANAGER =
102 Constants.XML_SECURITY_PROPERTY_MANAGER;
103
104 /** property identifier: access external dtd. */
105 public static final String ACCESS_EXTERNAL_DTD = XMLConstants.ACCESS_EXTERNAL_DTD;
106
107 /** Property identifier: access to external schema */
108 public static final String ACCESS_EXTERNAL_SCHEMA = XMLConstants.ACCESS_EXTERNAL_SCHEMA;
109
110
111 private final DOMParser domParser;
112 private final Schema grammar;
113
114 private final XMLComponent fSchemaValidator;
115 private final XMLComponentManager fSchemaValidatorComponentManager;
116 private final ValidationManager fSchemaValidationManager;
117 private final UnparsedEntityHandler fUnparsedEntityHandler;
118
119 /** Initial ErrorHandler */
120 private final ErrorHandler fInitErrorHandler;
121
122 /** Initial EntityResolver */
123 private final EntityResolver fInitEntityResolver;
124
125 private XMLSecurityManager fSecurityManager;
126 private XMLSecurityPropertyManager fSecurityPropertyMgr;
127
128 DocumentBuilderImpl(DocumentBuilderFactoryImpl dbf, Map<String, Object> dbfAttrs,
129 Map<String, Boolean> features)
130 throws SAXNotRecognizedException, SAXNotSupportedException {
131 this(dbf, dbfAttrs, features, false);
132 }
133
134 DocumentBuilderImpl(DocumentBuilderFactoryImpl dbf, Map<String, Object> dbfAttrs,
135 Map<String, Boolean> features, boolean secureProcessing)
136 throws SAXNotRecognizedException, SAXNotSupportedException
137 {
138 domParser = new DOMParser();
139
140 // If validating, provide a default ErrorHandler that prints
141 // validation errors with a warning telling the user to set an
142 // ErrorHandler
143 if (dbf.isValidating()) {
144 fInitErrorHandler = new DefaultValidationErrorHandler(domParser.getXMLParserConfiguration().getLocale());
145 setErrorHandler(fInitErrorHandler);
146 }
147 else {
148 fInitErrorHandler = domParser.getErrorHandler();
149 }
150
151 domParser.setFeature(VALIDATION_FEATURE, dbf.isValidating());
152
153 // "namespaceAware" == SAX Namespaces feature
154 domParser.setFeature(NAMESPACES_FEATURE, dbf.isNamespaceAware());
155
156 // Set various parameters obtained from DocumentBuilderFactory
157 domParser.setFeature(INCLUDE_IGNORABLE_WHITESPACE,
158 !dbf.isIgnoringElementContentWhitespace());
159 domParser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE,
160 !dbf.isExpandEntityReferences());
161 domParser.setFeature(INCLUDE_COMMENTS_FEATURE,
162 !dbf.isIgnoringComments());
163 domParser.setFeature(CREATE_CDATA_NODES_FEATURE,
164 !dbf.isCoalescing());
165
166 // Avoid setting the XInclude processing feature if the value is false.
167 // This will keep the configuration from throwing an exception if it
168 // does not support XInclude.
169 if (dbf.isXIncludeAware()) {
170 domParser.setFeature(XINCLUDE_FEATURE, true);
171 }
172
173 fSecurityPropertyMgr = new XMLSecurityPropertyManager();
174 domParser.setProperty(XML_SECURITY_PROPERTY_MANAGER, fSecurityPropertyMgr);
175
176 fSecurityManager = new XMLSecurityManager(secureProcessing);
177 domParser.setProperty(SECURITY_MANAGER, fSecurityManager);
178
179 if (secureProcessing) {
180 /**
181 * If secure processing is explicitly set on the factory, the
182 * access properties will be set unless the corresponding
183 * System Properties or jaxp.properties are set
184 */
185 if (features != null) {
186 Boolean temp = features.get(XMLConstants.FEATURE_SECURE_PROCESSING);
187 if (temp != null) {
188 if (temp && Constants.IS_JDK8_OR_ABOVE) {
189 fSecurityPropertyMgr.setValue(Property.ACCESS_EXTERNAL_DTD,
190 State.FSP, Constants.EXTERNAL_ACCESS_DEFAULT_FSP);
191 fSecurityPropertyMgr.setValue(Property.ACCESS_EXTERNAL_SCHEMA,
192 State.FSP, Constants.EXTERNAL_ACCESS_DEFAULT_FSP);
193 }
194 }
195 }
196 }
197
198 this.grammar = dbf.getSchema();
199 if (grammar != null) {
200 XMLParserConfiguration config = domParser.getXMLParserConfiguration();
201 XMLComponent validatorComponent = null;
202 /** For Xerces grammars, use built-in schema validator. **/
203 if (grammar instanceof XSGrammarPoolContainer) {
204 validatorComponent = new XMLSchemaValidator();
205 fSchemaValidationManager = new ValidationManager();
206 fUnparsedEntityHandler = new UnparsedEntityHandler(fSchemaValidationManager);
207 config.setDTDHandler(fUnparsedEntityHandler);
208 fUnparsedEntityHandler.setDTDHandler(domParser);
209 domParser.setDTDSource(fUnparsedEntityHandler);
210 fSchemaValidatorComponentManager = new SchemaValidatorConfiguration(config,
211 (XSGrammarPoolContainer) grammar, fSchemaValidationManager);
212 }
213 /** For third party grammars, use the JAXP validator component. **/
214 else {
215 validatorComponent = new JAXPValidatorComponent(grammar.newValidatorHandler());
216 fSchemaValidationManager = null;
217 fUnparsedEntityHandler = null;
218 fSchemaValidatorComponentManager = config;
219 }
220 config.addRecognizedFeatures(validatorComponent.getRecognizedFeatures());
221 config.addRecognizedProperties(validatorComponent.getRecognizedProperties());
222 setFeatures(features); // Must set before calling setDocumentHandler()
223 config.setDocumentHandler((XMLDocumentHandler) validatorComponent);
224 ((XMLDocumentSource)validatorComponent).setDocumentHandler(domParser);
225 domParser.setDocumentSource((XMLDocumentSource) validatorComponent);
226 fSchemaValidator = validatorComponent;
227 }
228 else {
229 fSchemaValidationManager = null;
230 fUnparsedEntityHandler = null;
231 fSchemaValidatorComponentManager = null;
232 fSchemaValidator = null;
233 setFeatures(features);
234 }
235
236 //setAttribute override those that may be set by other means
237 setDocumentBuilderFactoryAttributes(dbfAttrs);
238
239 // Initial EntityResolver
240 fInitEntityResolver = domParser.getEntityResolver();
241 }
242
243 private void setFeatures( Map<String, Boolean> features)
244 throws SAXNotSupportedException, SAXNotRecognizedException {
245 if (features != null) {
246 for (Map.Entry<String, Boolean> entry : features.entrySet()) {
247 domParser.setFeature(entry.getKey(), entry.getValue());
248 }
249 }
250 }
251
252 /**
253 * Set any DocumentBuilderFactory attributes of our underlying DOMParser
254 *
255 * Note: code does not handle possible conflicts between DOMParser
256 * attribute names and JAXP specific attribute names,
257 * eg. DocumentBuilderFactory.setValidating()
258 */
259 private void setDocumentBuilderFactoryAttributes( Map<String, Object> dbfAttrs)
260 throws SAXNotSupportedException, SAXNotRecognizedException
261 {
262 if (dbfAttrs == null) {
263 // Nothing to do
264 return;
265 }
266
267 for (Map.Entry<String, Object> entry : dbfAttrs.entrySet()) {
268 String name = entry.getKey();
269 Object val = entry.getValue();
270 if (val instanceof Boolean) {
271 // Assume feature
272 domParser.setFeature(name, (Boolean)val);
273 } else {
274 // Assume property
275 if (JAXP_SCHEMA_LANGUAGE.equals(name)) {
276 // JAXP 1.2 support
277 //None of the properties will take effect till the setValidating(true) has been called
278 if ( W3C_XML_SCHEMA.equals(val) ) {
279 if( isValidating() ) {
280 domParser.setFeature(XMLSCHEMA_VALIDATION_FEATURE, true);
281 // this should allow us not to emit DTD errors, as expected by the
282 // spec when schema validation is enabled
283 domParser.setProperty(JAXP_SCHEMA_LANGUAGE, W3C_XML_SCHEMA);
284 }
285 }
286 } else if(JAXP_SCHEMA_SOURCE.equals(name)){
287 if( isValidating() ) {
288 String value=(String)dbfAttrs.get(JAXP_SCHEMA_LANGUAGE);
289 if(value !=null && W3C_XML_SCHEMA.equals(value)){
290 domParser.setProperty(name, val);
291 }else{
292 throw new IllegalArgumentException(
293 DOMMessageFormatter.formatMessage(DOMMessageFormatter.DOM_DOMAIN,
294 "jaxp-order-not-supported",
295 new Object[] {JAXP_SCHEMA_LANGUAGE, JAXP_SCHEMA_SOURCE}));
296 }
297 }
298 } else {
299 //check if the property is managed by security manager
300 if (fSecurityManager == null ||
301 !fSecurityManager.setLimit(name, XMLSecurityManager.State.APIPROPERTY, val)) {
302 //check if the property is managed by security property manager
303 if (fSecurityPropertyMgr == null ||
304 !fSecurityPropertyMgr.setValue(name, XMLSecurityPropertyManager.State.APIPROPERTY, val)) {
305 //fall back to the existing property manager
306 domParser.setProperty(name, val);
307 }
308 }
309
310 }
311 }
312 }
313 }
314
315 /**
316 * Non-preferred: use the getDOMImplementation() method instead of this
317 * one to get a DOM Level 2 DOMImplementation object and then use DOM
318 * Level 2 methods to create a DOM Document object.
319 */
320 public Document newDocument() {
321 return new com.sun.org.apache.xerces.internal.dom.DocumentImpl();
322 }
323
324 public DOMImplementation getDOMImplementation() {
325 return DOMImplementationImpl.getDOMImplementation();
326 }
327
328 public Document parse(InputSource is) throws SAXException, IOException {
329 if (is == null) {
330 throw new IllegalArgumentException(
331 DOMMessageFormatter.formatMessage(DOMMessageFormatter.DOM_DOMAIN,
332 "jaxp-null-input-source", null));
333 }
334 if (fSchemaValidator != null) {
335 if (fSchemaValidationManager != null) {
336 fSchemaValidationManager.reset();
337 fUnparsedEntityHandler.reset();
338 }
339 resetSchemaValidator();
340 }
341 domParser.parse(is);
342 Document doc = domParser.getDocument();
343 domParser.dropDocumentReferences();
344 return doc;
345 }
346
347 public boolean isNamespaceAware() {
348 try {
349 return domParser.getFeature(NAMESPACES_FEATURE);
350 }
351 catch (SAXException x) {
352 throw new IllegalStateException(x.getMessage());
353 }
354 }
355
356 public boolean isValidating() {
357 try {
358 return domParser.getFeature(VALIDATION_FEATURE);
359 }
360 catch (SAXException x) {
361 throw new IllegalStateException(x.getMessage());
362 }
363 }
364
365 /**
366 * Gets the XInclude processing mode for this parser
367 * @return the state of XInclude processing mode
368 */
369 public boolean isXIncludeAware() {
370 try {
371 return domParser.getFeature(XINCLUDE_FEATURE);
372 }
373 catch (SAXException exc) {
374 return false;
375 }
376 }
377
378 public void setEntityResolver(EntityResolver er) {
379 domParser.setEntityResolver(er);
380 }
381
382 public void setErrorHandler(ErrorHandler eh) {
383 domParser.setErrorHandler(eh);
384 }
385
386 public Schema getSchema() {
387 return grammar;
388 }
389
390 public void reset() {
391 /** Restore the initial error handler. **/
392 if (domParser.getErrorHandler() != fInitErrorHandler) {
393 domParser.setErrorHandler(fInitErrorHandler);
394 }
395 /** Restore the initial entity resolver. **/
396 if (domParser.getEntityResolver() != fInitEntityResolver) {
397 domParser.setEntityResolver(fInitEntityResolver);
398 }
399 }
400
401 // package private
402 DOMParser getDOMParser() {
403 return domParser;
404 }
405
406 private void resetSchemaValidator() throws SAXException {
407 try {
408 fSchemaValidator.reset(fSchemaValidatorComponentManager);
409 }
410 // This should never be thrown from the schema validator.
411 catch (XMLConfigurationException e) {
412 throw new SAXException(e);
413 }
414 }
415 }