jaxws Sdiff src/share/jaxws_classes/com/sun/xml/internal/ws/util/xml

src/share/jaxws_classes/com/sun/xml/internal/ws/util/xml/XmlUtil.java

  37 import org.w3c.dom.Node;
  38 import org.w3c.dom.NodeList;
  39 import org.w3c.dom.Text;
  40 import org.xml.sax.*;
  41 
  42 import javax.xml.XMLConstants;
  43 import javax.xml.namespace.QName;
  44 import javax.xml.parsers.DocumentBuilderFactory;
  45 import javax.xml.parsers.ParserConfigurationException;
  46 import javax.xml.parsers.SAXParserFactory;
  47 import javax.xml.stream.XMLInputFactory;
  48 import javax.xml.transform.Result;
  49 import javax.xml.transform.Source;
  50 import javax.xml.transform.Transformer;
  51 import javax.xml.transform.TransformerConfigurationException;
  52 import javax.xml.transform.TransformerException;
  53 import javax.xml.transform.TransformerFactory;
  54 import javax.xml.transform.sax.SAXTransformerFactory;
  55 import javax.xml.transform.sax.TransformerHandler;
  56 import javax.xml.transform.stream.StreamSource;

  57 import javax.xml.ws.WebServiceException;
  58 import javax.xml.xpath.XPathFactory;
  59 import javax.xml.xpath.XPathFactoryConfigurationException;
  60 import java.io.IOException;
  61 import java.io.InputStream;
  62 import java.io.OutputStreamWriter;
  63 import java.io.Writer;
  64 import java.net.URL;
  65 import java.util.ArrayList;
  66 import java.util.Enumeration;
  67 import java.util.Iterator;
  68 import java.util.List;
  69 import java.util.StringTokenizer;
  70 import java.util.logging.Level;
  71 import java.util.logging.Logger;
  72 
  73 /**
  74  * @author WS Development Team
  75  */
  76 public class XmlUtil {




  77     private final static String LEXICAL_HANDLER_PROPERTY =
  78         "http://xml.org/sax/properties/lexical-handler";
  79 
  80     private static final Logger LOGGER = Logger.getLogger(XmlUtil.class.getName());
  81 
  82     private static boolean globalSecureXmlProcessingEnabled;
  83 
  84     static {
  85         String disableSecureXmlProcessing = System.getProperty("disableSecureXmlProcessing");
  86         globalSecureXmlProcessingEnabled = disableSecureXmlProcessing == null || !Boolean.valueOf(disableSecureXmlProcessing);
  87     }
  88 
  89     public static String getPrefix(String s) {
  90         int i = s.indexOf(':');
  91         if (i == -1)
  92             return null;
  93         return s.substring(0, i);
  94     }
  95 
  96     public static String getLocalPart(String s) {

 397         } catch (XPathFactoryConfigurationException e) {
 398             LOGGER.log(Level.WARNING, "Factory [{}] doesn't support secure xml processing!", new Object[] { factory.getClass().getName() } );
 399         }
 400         return factory;
 401     }
 402 
 403     public static XMLInputFactory newXMLInputFactory(boolean secureXmlProcessingEnabled)  {
 404         XMLInputFactory factory = XMLInputFactory.newInstance();
 405         if (checkGlobalOverride(secureXmlProcessingEnabled)) {
 406             // TODO-Miran: are those apppropriate defaults?
 407             factory.setProperty(XMLInputFactory.SUPPORT_DTD, false);
 408             factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
 409         }
 410         return factory;
 411     }
 412 
 413     private static boolean checkGlobalOverride(boolean localSecureXmlProcessingEnabled) {
 414         return globalSecureXmlProcessingEnabled && localSecureXmlProcessingEnabled;
 415     }
 416 

















 417 }

  37 import org.w3c.dom.Node;
  38 import org.w3c.dom.NodeList;
  39 import org.w3c.dom.Text;
  40 import org.xml.sax.*;
  41 
  42 import javax.xml.XMLConstants;
  43 import javax.xml.namespace.QName;
  44 import javax.xml.parsers.DocumentBuilderFactory;
  45 import javax.xml.parsers.ParserConfigurationException;
  46 import javax.xml.parsers.SAXParserFactory;
  47 import javax.xml.stream.XMLInputFactory;
  48 import javax.xml.transform.Result;
  49 import javax.xml.transform.Source;
  50 import javax.xml.transform.Transformer;
  51 import javax.xml.transform.TransformerConfigurationException;
  52 import javax.xml.transform.TransformerException;
  53 import javax.xml.transform.TransformerFactory;
  54 import javax.xml.transform.sax.SAXTransformerFactory;
  55 import javax.xml.transform.sax.TransformerHandler;
  56 import javax.xml.transform.stream.StreamSource;
  57 import javax.xml.validation.SchemaFactory;
  58 import javax.xml.ws.WebServiceException;
  59 import javax.xml.xpath.XPathFactory;
  60 import javax.xml.xpath.XPathFactoryConfigurationException;
  61 import java.io.IOException;
  62 import java.io.InputStream;
  63 import java.io.OutputStreamWriter;
  64 import java.io.Writer;
  65 import java.net.URL;
  66 import java.util.ArrayList;
  67 import java.util.Enumeration;
  68 import java.util.Iterator;
  69 import java.util.List;
  70 import java.util.StringTokenizer;
  71 import java.util.logging.Level;
  72 import java.util.logging.Logger;
  73 
  74 /**
  75  * @author WS Development Team
  76  */
  77 public class XmlUtil {
  78 
  79     // not in older JDK, so must be duplicated here, otherwise javax.xml.XMLConstants should be used
  80     private static final String ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema";
  81 
  82     private final static String LEXICAL_HANDLER_PROPERTY =
  83         "http://xml.org/sax/properties/lexical-handler";
  84 
  85     private static final Logger LOGGER = Logger.getLogger(XmlUtil.class.getName());
  86 
  87     private static boolean globalSecureXmlProcessingEnabled;
  88 
  89     static {
  90         String disableSecureXmlProcessing = System.getProperty("disableSecureXmlProcessing");
  91         globalSecureXmlProcessingEnabled = disableSecureXmlProcessing == null || !Boolean.valueOf(disableSecureXmlProcessing);
  92     }
  93 
  94     public static String getPrefix(String s) {
  95         int i = s.indexOf(':');
  96         if (i == -1)
  97             return null;
  98         return s.substring(0, i);
  99     }
 100 
 101     public static String getLocalPart(String s) {

 402         } catch (XPathFactoryConfigurationException e) {
 403             LOGGER.log(Level.WARNING, "Factory [{}] doesn't support secure xml processing!", new Object[] { factory.getClass().getName() } );
 404         }
 405         return factory;
 406     }
 407 
 408     public static XMLInputFactory newXMLInputFactory(boolean secureXmlProcessingEnabled)  {
 409         XMLInputFactory factory = XMLInputFactory.newInstance();
 410         if (checkGlobalOverride(secureXmlProcessingEnabled)) {
 411             // TODO-Miran: are those apppropriate defaults?
 412             factory.setProperty(XMLInputFactory.SUPPORT_DTD, false);
 413             factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
 414         }
 415         return factory;
 416     }
 417 
 418     private static boolean checkGlobalOverride(boolean localSecureXmlProcessingEnabled) {
 419         return globalSecureXmlProcessingEnabled && localSecureXmlProcessingEnabled;
 420     }
 421 
 422     public static SchemaFactory allowFileAccess(SchemaFactory sf, boolean disableSecureProcessing) {
 423 
 424         // if feature secure processing enabled, nothing to do, file is allowed,
 425         // or user is able to control access by standard JAXP mechanisms
 426         if (checkGlobalOverride(disableSecureProcessing)) {
 427             return sf;
 428         }
 429 
 430         try {
 431             sf.setProperty(ACCESS_EXTERNAL_SCHEMA, "file");
 432             LOGGER.log(Level.FINE, "Property \"{}\" is supported and has been successfully set by used JAXP implementation.", new Object[]{ACCESS_EXTERNAL_SCHEMA});
 433         } catch (SAXException ignored) {
 434             // depending on JDK/SAX implementation used
 435             LOGGER.log(Level.CONFIG, "Property \"{}\" is not supported by used JAXP implementation.", new Object[]{ACCESS_EXTERNAL_SCHEMA});
 436         }
 437         return sf;
 438     }
 439 }