Java DocumentBuilderFactory.setFeature方法代码示例

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Parses the response for Status and Preapproval Key.
 * 
 * @param response
 *            The Response which is received in
 *            BaseServlet.sendPaypalRequest()
 * @throws ParserConfigurationException
 *             SAX may throw this
 * @throws SAXException
 *             SAX may throw this
 * @throws IOException
 *             SAX may throw this
 */
public PaypalResponse(String response) throws ParserConfigurationException,
        SAXException, IOException {
    originalResponse = response;
    final DocumentBuilderFactory factory = DocumentBuilderFactory
            .newInstance();
    factory.setNamespaceAware(true);
    factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);

    final InputStream responseStream = new ByteArrayInputStream(
            response.getBytes());

    final DocumentBuilder builder = factory.newDocumentBuilder();
    final Document responseDocument = builder.parse(responseStream);

    final Node documentElement = responseDocument.getDocumentElement();
    final NodeList childs = documentElement.getChildNodes();

    for (int i = 0; i < childs.getLength(); i++) {
        final Node child = childs.item(i);
        if (checkNodeName(child, "preapprovalKey")) {
            preapprovalKey = child.getTextContent().trim();
        } else if (checkNodeName(child, "responseEnvelope")) {
            final NodeList childs2 = child.getChildNodes();
            for (int i2 = 0; i2 < childs2.getLength(); i2++) {
                final Node child2 = childs2.item(i2);
                if (checkNodeName(child2, "ack")) {
                    status = child2.getTextContent().trim();
                } else if (checkNodeName(child2, "message")) {
                    error = child2.getTextContent().trim();
                }
            }
        }
    }
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
public static void unsafeManualConfig3() throws ParserConfigurationException, IOException, SAXException {
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setFeature("http://xml.org/sax/features/external-general-entities",true);
    dbf.setFeature("http://xml.org/sax/features/external-parameter-entities",true);
    //dbf.setXIncludeAware(false);
    dbf.setExpandEntityReferences(false);
    DocumentBuilder db = dbf.newDocumentBuilder();

    Document doc = db.parse(getInputFile());
    print(doc);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 *Converts xml-stream into its equivalent jaxb object
 * 
 * @param xmlInputStream
 * @param type
 * @return
 * @throws ParserConfigurationException
 * @throws SAXException
 * @throws IOException
 * @throws JAXBException
 */
public Object unmarshal(InputStream xmlInputStream, Class<?> type)
		throws ParserConfigurationException, SAXException, IOException, JAXBException {
		DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
		builderFactory.setExpandEntityReferences(false);
		builderFactory.setNamespaceAware(true);
		builderFactory.setFeature(Constants.DISALLOW_DOCTYPE_DECLARATION, true);
		DocumentBuilder documentBuilder = builderFactory.newDocumentBuilder();
		Document document = documentBuilder.parse(xmlInputStream);
		JAXBContext jaxbContext = JAXBContext.newInstance(type);
		Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
		return jaxbUnmarshaller.unmarshal(document);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
public DocumentBuilder getDocumentBuilder(ParserSettings ps) {
    DocumentBuilder db = null;
    try {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        if (ps.standardUriConformant) {
            dbf.setFeature("http://apache.org/xml/features/standard-uri-conformant", true);
        }
        dbf.setValidating(ps.validating);
        db = dbf.newDocumentBuilder();
        db.setErrorHandler(new MyHandler());
    } catch (Exception e) {
        Assert.fail("standard-uri-conformant not recognized");
    }
    return db;
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
private String pluginIdFromLocation(PluginManager.PluginLocation loc) throws IOException, ParserConfigurationException, SAXException {
    try(InputStream is = loc.getManifestLocation().openStream()) {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setValidating(false);
        factory.setNamespaceAware(true);
        factory.setFeature("http://xml.org/sax/features/namespaces", false);
        factory.setFeature("http://xml.org/sax/features/validation", false);
        factory.setFeature("http://apache.org/xml/features/nonvalidating/load-dtd-grammar", false);
        factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.parse(is);
        return doc.getDocumentElement().getAttribute("id");
    }
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * 
 * Convert XML string to {@link Document}
 * 
 * @param xmlString
 * @return {@link Document}
 */
public static Document convertStringToDocument(String xmlString) {
       DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();  
       DocumentBuilder builder;  
       try 
       {  
       	factory.setFeature(Constants.DISALLOW_DOCTYPE_DECLARATION,true);
           builder = factory.newDocumentBuilder();  
           Document doc = builder.parse( new InputSource( new StringReader( xmlString ) ) );            
           
           return doc;
       } catch (ParserConfigurationException| SAXException| IOException e) {  
       	logger.debug("Unable to convert string to Document",e);  
       } 
       return null;
   }
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Returns properly configured (e.g. security features) factory
 * - namespaceAware == true
 * - securityProcessing == is set based on security processing property, default is true
 */
public static DocumentBuilderFactory createDocumentBuilderFactory(boolean disableSecureProcessing) throws IllegalStateException {
    try {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "DocumentBuilderFactory instance: {0}", factory);
        }
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, !isXMLSecurityDisabled(disableSecureProcessing));
        return factory;
    } catch (ParserConfigurationException ex) {
        LOGGER.log(Level.SEVERE, null, ex);
        throw new IllegalStateException( ex);
    } catch (AbstractMethodError er) {
        LOGGER.log(Level.SEVERE, null, er);
        throw new IllegalStateException(Messages.INVALID_JAXP_IMPLEMENTATION.format(), er);
    }
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Method canonicalize
 *
 * @param inputBytes
 * @return the c14n bytes.
 *
 * @throws CanonicalizationException
 * @throws java.io.IOException
 * @throws javax.xml.parsers.ParserConfigurationException
 * @throws org.xml.sax.SAXException
 */
public byte[] engineCanonicalize(byte[] inputBytes)
    throws javax.xml.parsers.ParserConfigurationException, java.io.IOException,
    org.xml.sax.SAXException, CanonicalizationException {

    java.io.InputStream bais = new ByteArrayInputStream(inputBytes);
    InputSource in = new InputSource(bais);
    DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
    dfactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);

    // needs to validate for ID attribute normalization
    dfactory.setNamespaceAware(true);

    DocumentBuilder db = dfactory.newDocumentBuilder();

    Document document = db.parse(in);
    return this.engineCanonicalizeSubTree(document);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
private void setFeature(DocumentBuilderFactory factory, String feature, boolean enable)
{
    try
    {
        if (ADDITIONAL_FEATURE_X_INCLUDE_AWARE.equals(feature))
        {
            factory.setXIncludeAware(enable);
        }
        else if (ADDITIONAL_FEATURE_EXPAND_ENTITY_REFERENCES.equals(feature))
        {
            factory.setExpandEntityReferences(enable);
        }
        else
        {
            factory.setFeature(feature, enable);
        }
        debug(debugCounter+" DocumentBuilderFactory "+feature+" "+enable);
    }
    catch (ParserConfigurationException pce)
    {
        logConfigurationFailure(factory.getClass().getName(), feature, pce);
    }
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Use a DocumentBuilder to create a DOM object and see how does the Secure
 * Processing feature and entityExpansionLimit value affects output.
 * Negative test that when entityExpansionLimit is too small.
 *
 * @throws Exception If any errors occur.
 */
@Test(expectedExceptions = SAXParseException.class)
public void testEntityExpansionDOMNeg() throws Exception {
    DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
    dfactory.setFeature(FEATURE_SECURE_PROCESSING, true);
    setSystemProperty(SP_ENTITY_EXPANSION_LIMIT, String.valueOf(2));
    DocumentBuilder dBuilder = dfactory.newDocumentBuilder();
    MyErrorHandler eh = new MyErrorHandler();
    dBuilder.setErrorHandler(eh);
    dBuilder.parse(ENTITY_XML);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * This implementation allow DTD but disable all its dangerous features.
 * Not sure it can still do something useful with DTD ...
 */
public static void safeManualConfiguration() throws ParserConfigurationException, IOException, SAXException {
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setFeature("http://xml.org/sax/features/external-general-entities",true);
    dbf.setFeature("http://xml.org/sax/features/external-parameter-entities",true);
    dbf.setXIncludeAware(false);
    dbf.setExpandEntityReferences(false);
    DocumentBuilder db = dbf.newDocumentBuilder();

    Document doc = db.parse(getInputFile());
    print(doc);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Sets document builder features. If an features is not supported it is ignored.
 * 
 * @param factory document builder factory upon which the attribute will be set
 * @param features the set of features to be set
 */
protected void setFeatures(DocumentBuilderFactory factory, Map<String, Boolean> features) {
    if (features == null || features.isEmpty()) {
        return;
    }

    for (Map.Entry<String, Boolean> feature : features.entrySet()) {
        try {
            log.debug("Setting DocumentBuilderFactory attribute '{}'", feature.getKey());
            factory.setFeature(feature.getKey(), feature.getValue());
        } catch (ParserConfigurationException e) {
            log.warn("DocumentBuilderFactory feature '{}' is not supported", feature.getKey());
        }
    }
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
/**
 * Use a DocumentBuilder to create a DOM object and see if Secure Processing
 * feature affects the entity expansion.
 *
 * @throws Exception If any errors occur.
 */
@Test
public void testEntityExpansionDOMPos() throws Exception  {
    DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
    dfactory.setFeature(FEATURE_SECURE_PROCESSING, true);
    setSystemProperty(SP_ENTITY_EXPANSION_LIMIT, String.valueOf(10000));
    DocumentBuilder dBuilder = dfactory.newDocumentBuilder();
    MyErrorHandler eh = new MyErrorHandler();
    dBuilder.setErrorHandler(eh);
    dBuilder.parse(ENTITY_XML);
    assertFalse(eh.isAnyError());
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
public static void unsafeManualConfig4() throws ParserConfigurationException, IOException, SAXException {
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    dbf.setFeature("http://xml.org/sax/features/external-general-entities",true);
    dbf.setFeature("http://xml.org/sax/features/external-parameter-entities",true);
    dbf.setXIncludeAware(false);
    //dbf.setExpandEntityReferences(false);
    DocumentBuilder db = dbf.newDocumentBuilder();

    Document doc = db.parse(getInputFile());
    print(doc);
}
 

import javax.xml.parsers.DocumentBuilderFactory; //导入方法依赖的package包/类
public static DocumentBuilderFactory newDocumentBuilderFactory(boolean secureXmlProcessing) {
    DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    try {
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, isXMLSecurityDisabled(secureXmlProcessing));
    } catch (ParserConfigurationException e) {
        LOGGER.log(Level.WARNING, "Factory [{0}] doesn't support secure xml processing!", new Object[] { factory.getClass().getName() } );
    }
    return factory;
}