List of usage examples for org.dom4j.io SAXReader setIncludeExternalDTDDeclarations
public void setIncludeExternalDTDDeclarations(boolean include)
From source file:org.metaeffekt.dita.maven.glossary.GlossaryMapCreator.java
License:Apache License
protected Document readDocument(File file) { SAXReader reader = new SAXReader(); reader.setValidation(false);// w w w . j av a2 s. c om reader.setIncludeInternalDTDDeclarations(false); reader.setIncludeExternalDTDDeclarations(false); reader.setIgnoreComments(true); reader.setEntityResolver(new EntityResolver() { @Override public InputSource resolveEntity(String arg0, String arg1) throws SAXException, IOException { return new InputSource(new InputStream() { @Override public int read() throws IOException { return -1; } }); } }); try { return reader.read(file); } catch (DocumentException e) { return null; } }
From source file:org.mitre.jawb.io.ATLASHelper.java
License:Open Source License
public static Document parse(URI aifURI) throws IOException { SAXReader reader = new SAXReader(); // actually, this is ok, if we use the entity resolver reader.setEntityResolver(new ATLASResolver()); reader.setIncludeExternalDTDDeclarations(false); try {/* w w w. ja va2 s . com*/ // URI.toURL() fails when opaque. don't expect an opaque here, but... if (DEBUG > 0) System.err.println("ATHelp.parse: aifURI=" + aifURI); return reader.read(new URL(aifURI.toString())); } catch (DocumentException x) { IOException ex = new IOException("Unable to parse input aif"); ex.initCause(x); throw ex; } }
From source file:org.mitre.jawb.io.ATLASHelper.java
License:Open Source License
public static Document parse(InputStream in) throws IOException { SAXReader reader = new SAXReader(); // actually, this is ok, if we use the entity resolver reader.setEntityResolver(new ATLASResolver()); reader.setIncludeExternalDTDDeclarations(false); try {/*from www . ja v a 2 s.co m*/ // URI.toURL() fails when opaque. don't expect an opaque here, but... return reader.read(in); } catch (DocumentException x) { IOException ex = new IOException("Unable to parse input aif"); ex.initCause(x); throw ex; } }
From source file:org.nuxeo.ecm.platform.webdav.request.tests.FakeResponse.java
License:Open Source License
public Element getXMLOutput() throws DocumentException, IOException { SAXReader saxReader = new SAXReader(); saxReader.setMergeAdjacentText(true); saxReader.setEncoding("UTF-8"); saxReader.setValidation(false);//from w w w . java 2 s .c o m saxReader.setIncludeExternalDTDDeclarations(false); saxReader.setIncludeInternalDTDDeclarations(false); String xml = getOutput(); InputStream in = new StringBlob(xml).getStream(); return saxReader.read(in).getRootElement(); }
From source file:pt.webdetails.cpf.utils.XmlParserFactoryProducer.java
License:Open Source License
/** * Creates an instance of {@link SAXReader} class * with features that prevent from some XXE attacks (e.g. XML bomb) * See PPP-3506 for more details.//from w w w . jav a2 s. com * See also https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet * * @param resolver Is {@link EntityResolver} or null * @return {@link SAXReader} */ public static SAXReader getSAXReader(final EntityResolver resolver) { SAXReader reader = new SAXReader(); if (resolver != null) { reader.setEntityResolver(resolver); } try { reader.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); } catch (SAXException e) { logger.error("Some parser properties are not supported."); } reader.setIncludeExternalDTDDeclarations(false); reader.setIncludeInternalDTDDeclarations(false); return reader; }