bundles/org.eclipse.equinox.p2.core/src/org/eclipse/equinox/internal/p2/core/helpers/SecureXMLUtil.java - equinox/rt.equinox.p2 - Git at Google

 /*******************************************************************************
  * Copyright (c) 2017 Manumitting Technologies Inc and others.
  *
  * This program and the accompanying materials
  * are made available under the terms of the Eclipse Public License 2.0
  * which accompanies this distribution, and is available at
  * https://www.eclipse.org/legal/epl-2.0/
  *
  * SPDX-License-Identifier: EPL-2.0
  *
  * Contributors:
  *     Manumitting Technologies Inc - initial API and implementation
  *******************************************************************************/
 package org.eclipse.equinox.internal.p2.core.helpers;

 import javax.xml.XMLConstants;
 import javax.xml.parsers.*;
 import org.xml.sax.*;

 /**
  * A utility class for creating an XML-related factories suitable for
  * for processing XML data from possibly malicious sources in a secure
  * fashion, avoiding XML Entity Expansion problem.
  */
 public class SecureXMLUtil {
 	/**
 	 * Create a new {@link DocumentBuilderFactory}.
 	 *
 	 * @throws ParserConfigurationException
 	 */
 	public static DocumentBuilderFactory newSecureDocumentBuilderFactory() throws ParserConfigurationException {
 		DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
 		factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 		return factory;
 	}

 	/**
 	 * Create a new {@link SAXParserFactory}.
 	 *
 	 * @throws ParserConfigurationException
 	 * @throws SAXNotSupportedException
 	 * @throws SAXNotRecognizedException
 	 */
 	public static SAXParserFactory newSecureSAXParserFactory() throws SAXNotRecognizedException, SAXNotSupportedException, ParserConfigurationException {
 		SAXParserFactory factory = SAXParserFactory.newInstance();
 		factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 		return factory;
 	}

 	/**
 	 * Create a new {@link XMLReader}.
 	 *
 	 * @throws SAXException
 	 * @throws ParserConfigurationException
 	 */
 	public static XMLReader newSecureXMLReader() throws SAXException, ParserConfigurationException {
 		SAXParserFactory factory = newSecureSAXParserFactory();
 		factory.setNamespaceAware(true);
 		return factory.newSAXParser().getXMLReader();
 	}
 }
	/*******************************************************************************
	* Copyright (c) 2017 Manumitting Technologies Inc and others.
	*
	* This program and the accompanying materials
	* are made available under the terms of the Eclipse Public License 2.0
	* which accompanies this distribution, and is available at
	* https://www.eclipse.org/legal/epl-2.0/
	*
	* SPDX-License-Identifier: EPL-2.0
	*
	* Contributors:
	* Manumitting Technologies Inc - initial API and implementation
	*******************************************************************************/
	package org.eclipse.equinox.internal.p2.core.helpers;

	import javax.xml.XMLConstants;
	import javax.xml.parsers.*;
	import org.xml.sax.*;

	/**
	* A utility class for creating an XML-related factories suitable for
	* for processing XML data from possibly malicious sources in a secure
	* fashion, avoiding XML Entity Expansion problem.
	*/
	public class SecureXMLUtil {
	/**
	* Create a new {@link DocumentBuilderFactory}.
	*
	* @throws ParserConfigurationException
	*/
	public static DocumentBuilderFactory newSecureDocumentBuilderFactory() throws ParserConfigurationException {
	DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
	return factory;
	}

	/**
	* Create a new {@link SAXParserFactory}.
	*
	* @throws ParserConfigurationException
	* @throws SAXNotSupportedException
	* @throws SAXNotRecognizedException
	*/
	public static SAXParserFactory newSecureSAXParserFactory() throws SAXNotRecognizedException, SAXNotSupportedException, ParserConfigurationException {
	SAXParserFactory factory = SAXParserFactory.newInstance();
	factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
	return factory;
	}

	/**
	* Create a new {@link XMLReader}.
	*
	* @throws SAXException
	* @throws ParserConfigurationException
	*/
	public static XMLReader newSecureXMLReader() throws SAXException, ParserConfigurationException {
	SAXParserFactory factory = newSecureSAXParserFactory();
	factory.setNamespaceAware(true);
	return factory.newSAXParser().getXMLReader();
	}
	}