670 if (result != null) {
671 setContentHandler(saxResult.getHandler());
672 }
673
674 try {
675 XMLReader reader = saxSource.getXMLReader();
676 if( reader==null ) {
677 // create one now
678 SAXParserFactory spf = fComponentManager.getFeature(Constants.ORACLE_FEATURE_SERVICE_MECHANISM) ?
679 SAXParserFactory.newInstance() : new SAXParserFactoryImpl();
680 spf.setNamespaceAware(true);
681 try {
682 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING,
683 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING));
684 reader = spf.newSAXParser().getXMLReader();
685 // If this is a Xerces SAX parser, set the security manager if there is one
686 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) {
687 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
688 if (securityManager != null) {
689 try {
690 reader.setProperty(SECURITY_MANAGER, securityManager);
691 }
692 // Ignore the exception if the security manager cannot be set.
693 catch (SAXException exc) {}
694 }
695 try {
696 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager)
697 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER);
698 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
699 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD));
700 } catch (SAXException exc) {
701 System.err.println("Warning: " + reader.getClass().getName() + ": " +
702 exc.getMessage());
703 }
704 }
705 } catch( Exception e ) {
706 // this is impossible, but better safe than sorry
707 throw new FactoryConfigurationError(e);
708 }
709 }
|
670 if (result != null) {
671 setContentHandler(saxResult.getHandler());
672 }
673
674 try {
675 XMLReader reader = saxSource.getXMLReader();
676 if( reader==null ) {
677 // create one now
678 SAXParserFactory spf = fComponentManager.getFeature(Constants.ORACLE_FEATURE_SERVICE_MECHANISM) ?
679 SAXParserFactory.newInstance() : new SAXParserFactoryImpl();
680 spf.setNamespaceAware(true);
681 try {
682 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING,
683 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING));
684 reader = spf.newSAXParser().getXMLReader();
685 // If this is a Xerces SAX parser, set the security manager if there is one
686 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) {
687 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
688 if (securityManager != null) {
689 try {
690 securityManager.resetLimits();
691 reader.setProperty(SECURITY_MANAGER, securityManager);
692 }
693 // Ignore the exception if the security manager cannot be set.
694 catch (SAXException exc) {}
695 }
696 try {
697 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager)
698 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER);
699 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
700 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD));
701 } catch (SAXException exc) {
702 System.err.println("Warning: " + reader.getClass().getName() + ": " +
703 exc.getMessage());
704 }
705 }
706 } catch( Exception e ) {
707 // this is impossible, but better safe than sorry
708 throw new FactoryConfigurationError(e);
709 }
710 }
|