src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaFactory.java
Print this page
*** 43,52 ****
--- 43,53 ----
import com.sun.org.apache.xerces.internal.util.SAXMessageFormatter;
import com.sun.org.apache.xerces.internal.util.SecurityManager;
import com.sun.org.apache.xerces.internal.util.StAXInputSource;
import com.sun.org.apache.xerces.internal.util.Status;
import com.sun.org.apache.xerces.internal.util.XMLGrammarPoolImpl;
+ import com.sun.org.apache.xerces.internal.utils.SecuritySupport;
import com.sun.org.apache.xerces.internal.xni.XNIException;
import com.sun.org.apache.xerces.internal.xni.grammars.Grammar;
import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarDescription;
import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarPool;
import com.sun.org.apache.xerces.internal.xni.parser.XMLConfigurationException;
*** 80,89 ****
--- 81,96 ----
/** Property identifier: SecurityManager. */
private static final String SECURITY_MANAGER =
Constants.XERCES_PROPERTY_PREFIX + Constants.SECURITY_MANAGER_PROPERTY;
+ /** property identifier: access external dtd. */
+ public static final String ACCESS_EXTERNAL_DTD = XMLConstants.ACCESS_EXTERNAL_DTD;
+
+ /** Property identifier: access to external schema */
+ public static final String ACCESS_EXTERNAL_SCHEMA = XMLConstants.ACCESS_EXTERNAL_SCHEMA;
+
//
// Data
//
/** The XMLSchemaLoader */
*** 130,139 ****
--- 137,154 ----
fXMLSchemaLoader.setErrorHandler(fErrorHandlerWrapper);
// Enable secure processing feature by default
fSecurityManager = new SecurityManager();
fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
+
+ //by default, the secure feature is set to true, otherwise the default would have been 'file'
+ String accessExternal = SecuritySupport.getDefaultAccessProperty(
+ Constants.SP_ACCESS_EXTERNAL_DTD, Constants.EXTERNAL_ACCESS_DEFAULT);
+ fXMLSchemaLoader.setProperty(ACCESS_EXTERNAL_DTD, accessExternal);
+ accessExternal = SecuritySupport.getDefaultAccessProperty(
+ Constants.SP_ACCESS_EXTERNAL_SCHEMA, Constants.EXTERNAL_ACCESS_DEFAULT);
+ fXMLSchemaLoader.setProperty(ACCESS_EXTERNAL_SCHEMA, accessExternal);
}
/**
* <p>Is specified schema supported by this <code>SchemaFactory</code>?</p>
*
*** 272,281 ****
--- 287,297 ----
public Schema newSchema() throws SAXException {
// Use a Schema that uses the system id as the equality source.
AbstractXMLSchema schema = new WeakReferenceXMLSchema();
propagateFeatures(schema);
+ propagateProperties(schema);
return schema;
}
public boolean getFeature(String name)
throws SAXNotRecognizedException, SAXNotSupportedException {
*** 348,357 ****
--- 364,375 ----
SAXMessageFormatter.formatMessage(null,
"jaxp-secureprocessing-feature", null));
}
fSecurityManager = value ? new SecurityManager() : null;
fXMLSchemaLoader.setProperty(SECURITY_MANAGER, fSecurityManager);
+ fXMLSchemaLoader.setProperty(ACCESS_EXTERNAL_DTD, Constants.EXTERNAL_ACCESS_DEFAULT_FSP);
+ fXMLSchemaLoader.setProperty(ACCESS_EXTERNAL_SCHEMA, Constants.EXTERNAL_ACCESS_DEFAULT_FSP);
return;
} else if (name.equals(Constants.ORACLE_FEATURE_SERVICE_MECHANISM)) {
//in secure mode, let _useServicesMechanism be determined by the constructor
if (System.getSecurityManager() != null)
return;
*** 416,425 ****
--- 434,452 ----
boolean state = fXMLSchemaLoader.getFeature(features[i]);
schema.setFeature(features[i], state);
}
}
+ private void propagateProperties(AbstractXMLSchema schema) {
+ String[] properties = fXMLSchemaLoader.getRecognizedProperties();
+ for (int i = 0; i < properties.length; ++i) {
+ Object state = fXMLSchemaLoader.getProperty(properties[i]);
+ schema.setProperty(properties[i], state);
+ }
+ }
+
+
/**
* Extension of XMLGrammarPoolImpl which exposes the number of
* grammars stored in the grammar pool.
*/
static class XMLGrammarPoolImplExtension extends XMLGrammarPoolImpl {