Package com.prowidesoftware.swift.utils
Class SafeXmlUtils
- java.lang.Object
-
- com.prowidesoftware.swift.utils.SafeXmlUtils
-
public class SafeXmlUtils extends java.lang.Object
Reusable safe XML document builder to prevent XXE https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html- Since:
- 8.0.5
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static javax.xml.parsers.DocumentBuilder
documentBuilder()
Safe DOM parsing, with default parametersstatic javax.xml.parsers.DocumentBuilder
documentBuilder(boolean namespaceAware)
Safe DOM parsingstatic javax.xml.stream.XMLInputFactory
inputFactory()
Safe StAX parserstatic org.xml.sax.XMLReader
reader()
Safe SAX parser, with default parametersstatic org.xml.sax.XMLReader
reader(boolean namespaceAware, javax.xml.validation.Schema schema)
Safe SAX parserstatic javax.xml.validation.SchemaFactory
schemaFactory()
Safe schema factorystatic javax.xml.transform.Transformer
transformer()
Safe transformerstatic javax.xml.validation.Validator
validator(javax.xml.validation.Schema schema)
Safe schema validator
-
-
-
Method Detail
-
documentBuilder
public static javax.xml.parsers.DocumentBuilder documentBuilder()
Safe DOM parsing, with default parameters- Throws:
ProwideException
- if the parser cannot be configured- See Also:
documentBuilder(boolean)
-
documentBuilder
public static javax.xml.parsers.DocumentBuilder documentBuilder(boolean namespaceAware)
Safe DOM parsing- Parameters:
namespaceAware
- factory awareness- Throws:
ProwideException
- if the parser cannot be configured
-
reader
public static org.xml.sax.XMLReader reader() throws ProwideException
Safe SAX parser, with default parameters- Throws:
ProwideException
- if the parser cannot be configured- See Also:
reader(boolean, Schema)
-
reader
public static org.xml.sax.XMLReader reader(boolean namespaceAware, javax.xml.validation.Schema schema) throws ProwideException
Safe SAX parser- Parameters:
namespaceAware
- SAX factory awarenessschema
- optional schema if the reader will be used for validaiton, null to ignore- Throws:
ProwideException
- if the parser cannot be configured
-
inputFactory
public static javax.xml.stream.XMLInputFactory inputFactory()
Safe StAX parser- Throws:
ProwideException
- if the parser cannot be configured
-
transformer
public static javax.xml.transform.Transformer transformer()
Safe transformer
-
schemaFactory
public static javax.xml.validation.SchemaFactory schemaFactory()
Safe schema factory
-
validator
public static javax.xml.validation.Validator validator(javax.xml.validation.Schema schema)
Safe schema validator
-
-