src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java
Print this page
*** 23,36 ****
* questions.
*/
package com.sun.org.apache.xerces.internal.impl;
! import com.sun.org.apache.xerces.internal.utils.SecuritySupport;
import com.sun.xml.internal.stream.StaxEntityResolverWrapper;
import java.util.HashMap;
- import javax.xml.XMLConstants;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLResolver;
/**
--- 23,35 ----
* questions.
*/
package com.sun.org.apache.xerces.internal.impl;
! import com.sun.org.apache.xerces.internal.utils.XMLSecurityPropertyManager;
import com.sun.xml.internal.stream.StaxEntityResolverWrapper;
import java.util.HashMap;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLResolver;
/**
*** 49,67 ****
public static final String STAX_NOTATIONS = "javax.xml.stream.notations";
public static final String STAX_ENTITIES = "javax.xml.stream.entities";
private static final String STRING_INTERNING = "http://xml.org/sax/features/string-interning";
- /** Property identifier: access to external dtd */
- protected static final String ACCESS_EXTERNAL_DTD = XMLConstants.ACCESS_EXTERNAL_DTD;
-
- /** Property identifier: access to external schema */
- protected static final String ACCESS_EXTERNAL_SCHEMA = XMLConstants.ACCESS_EXTERNAL_SCHEMA;
-
HashMap supportedProps = new HashMap();
public static final int CONTEXT_READER = 1;
public static final int CONTEXT_WRITER = 2;
/** Creates a new instance of PropertyManager */
public PropertyManager(int context) {
--- 48,65 ----
public static final String STAX_NOTATIONS = "javax.xml.stream.notations";
public static final String STAX_ENTITIES = "javax.xml.stream.entities";
private static final String STRING_INTERNING = "http://xml.org/sax/features/string-interning";
+ /** Property identifier: Security property manager. */
+ private static final String XML_SECURITY_PROPERTY_MANAGER =
+ Constants.XML_SECURITY_PROPERTY_MANAGER;
HashMap supportedProps = new HashMap();
+ private XMLSecurityPropertyManager fSecurityPropertyMgr;
+
public static final int CONTEXT_READER = 1;
public static final int CONTEXT_WRITER = 2;
/** Creates a new instance of PropertyManager */
public PropertyManager(int context) {
*** 82,91 ****
--- 80,90 ----
*/
public PropertyManager(PropertyManager propertyManager){
HashMap properties = propertyManager.getProperties();
supportedProps.putAll(properties);
+ fSecurityPropertyMgr = (XMLSecurityPropertyManager)getProperty(XML_SECURITY_PROPERTY_MANAGER);
}
private HashMap getProperties(){
return supportedProps ;
}
*** 123,140 ****
supportedProps.put(Constants.ZEPHYR_PROPERTY_PREFIX + Constants.IGNORE_EXTERNAL_DTD, Boolean.FALSE);
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_DUPLICATE_ATTDEF_FEATURE, new Boolean(false));
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_DUPLICATE_ENTITYDEF_FEATURE, new Boolean(false));
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_UNDECLARED_ELEMDEF_FEATURE, new Boolean(false));
! //For DOM/SAX, the secure feature is set to true by default
! String accessExternal = SecuritySupport.getDefaultAccessProperty(
! Constants.SP_ACCESS_EXTERNAL_DTD, Constants.EXTERNAL_ACCESS_DEFAULT);
! supportedProps.put(ACCESS_EXTERNAL_DTD, accessExternal);
!
! accessExternal = SecuritySupport.getDefaultAccessProperty(
! Constants.SP_ACCESS_EXTERNAL_SCHEMA, Constants.EXTERNAL_ACCESS_DEFAULT);
! supportedProps.put(ACCESS_EXTERNAL_SCHEMA, accessExternal);
}
private void initWriterProps(){
supportedProps.put(XMLOutputFactory.IS_REPAIRING_NAMESPACES , Boolean.FALSE);
//default value of escaping characters is 'true'
--- 122,133 ----
supportedProps.put(Constants.ZEPHYR_PROPERTY_PREFIX + Constants.IGNORE_EXTERNAL_DTD, Boolean.FALSE);
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_DUPLICATE_ATTDEF_FEATURE, new Boolean(false));
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_DUPLICATE_ENTITYDEF_FEATURE, new Boolean(false));
supportedProps.put(Constants.XERCES_FEATURE_PREFIX + Constants.WARN_ON_UNDECLARED_ELEMDEF_FEATURE, new Boolean(false));
! fSecurityPropertyMgr = new XMLSecurityPropertyManager();
! supportedProps.put(XML_SECURITY_PROPERTY_MANAGER, fSecurityPropertyMgr);
}
private void initWriterProps(){
supportedProps.put(XMLOutputFactory.IS_REPAIRING_NAMESPACES , Boolean.FALSE);
//default value of escaping characters is 'true'
*** 146,156 ****
* public void reset(){
* supportedProps.clear() ;
* }
*/
public boolean containsProperty(String property){
! return supportedProps.containsKey(property) ;
}
public Object getProperty(String property){
return supportedProps.get(property);
}
--- 139,150 ----
* public void reset(){
* supportedProps.clear() ;
* }
*/
public boolean containsProperty(String property){
! return supportedProps.containsKey(property) ||
! fSecurityPropertyMgr.getIndex(property) > -1 ;
}
public Object getProperty(String property){
return supportedProps.get(property);
}
*** 172,182 ****
}
else if(property == XMLInputFactory.RESOLVER || property.equals(XMLInputFactory.RESOLVER)){
//add internal stax property
supportedProps.put( Constants.XERCES_PROPERTY_PREFIX + Constants.STAX_ENTITY_RESOLVER_PROPERTY , new StaxEntityResolverWrapper((XMLResolver)value)) ;
}
! supportedProps.put(property, value ) ;
if(equivalentProperty != null){
supportedProps.put(equivalentProperty, value ) ;
}
}
--- 166,184 ----
}
else if(property == XMLInputFactory.RESOLVER || property.equals(XMLInputFactory.RESOLVER)){
//add internal stax property
supportedProps.put( Constants.XERCES_PROPERTY_PREFIX + Constants.STAX_ENTITY_RESOLVER_PROPERTY , new StaxEntityResolverWrapper((XMLResolver)value)) ;
}
!
! int index = fSecurityPropertyMgr.getIndex(property);
! if (index > -1) {
! fSecurityPropertyMgr.setValue(index,
! XMLSecurityPropertyManager.State.APIPROPERTY, (String)value);
! } else {
! supportedProps.put(property, value);
! }
!
if(equivalentProperty != null){
supportedProps.put(equivalentProperty, value ) ;
}
}