Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.security.xml
Class SecureXmlParserFactory

java.lang.Object
  extended by com.atlassian.security.xml.SecureXmlParserFactory

public final class SecureXmlParserFactory
extends java.lang.Object

Utility methods to produce parsers suitable for untrusted XML. These cover the core parsing APIs included in JDK 1.6. Other factories in com.atlassian.security.xml.libs can create parsers for other libraries.

Parsers will have FEATURE_SECURE_PROCESSING enabled and be configured to ignore external resources used for, or in, DTDs.

Since:
3.0

Method Summary
static org.xml.sax.EntityResolver emptyEntityResolver()
          Create a new EntityResolver that will resolve every entity to an empty stream, rather than fetching resources from the network.
static javax.xml.parsers.DocumentBuilder newDocumentBuilder()
          Create a new DOM DocumentBuilder suitable for parsing XML from an untrusted source.
static javax.xml.parsers.DocumentBuilder newNamespaceAwareDocumentBuilder()
          Create a new namespace-aware DOM DocumentBuilder suitable for parsing XML from an untrusted source.
static org.xml.sax.XMLReader newNamespaceAwareXmlReader()
          Create a new namespace-aware SAX XMLReader suitable for parsing XML from an untrusted source.
static javax.xml.stream.XMLInputFactory newXmlInputFactory()
          Create a new StAX XMLInputFactory suitable for parsing XML from an untrusted source.
static org.xml.sax.XMLReader newXmlReader()
          Create a new SAX XMLReader suitable for parsing XML from an untrusted source.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

newDocumentBuilder

public static javax.xml.parsers.DocumentBuilder newDocumentBuilder()
Create a new DOM DocumentBuilder suitable for parsing XML from an untrusted source.

Returns:
a new parser

newXmlReader

public static org.xml.sax.XMLReader newXmlReader()
Create a new SAX XMLReader suitable for parsing XML from an untrusted source.

Returns:
a new parser

newNamespaceAwareXmlReader

public static org.xml.sax.XMLReader newNamespaceAwareXmlReader()
Create a new namespace-aware SAX XMLReader suitable for parsing XML from an untrusted source.

Returns:
a new parser

newNamespaceAwareDocumentBuilder

public static javax.xml.parsers.DocumentBuilder newNamespaceAwareDocumentBuilder()
Create a new namespace-aware DOM DocumentBuilder suitable for parsing XML from an untrusted source.

Returns:
a new parser

newXmlInputFactory

public static javax.xml.stream.XMLInputFactory newXmlInputFactory()
Create a new StAX XMLInputFactory suitable for parsing XML from an untrusted source.

Returns:
a new parser

emptyEntityResolver

public static org.xml.sax.EntityResolver emptyEntityResolver()
Create a new EntityResolver that will resolve every entity to an empty stream, rather than fetching resources from the network.

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2012 Atlassian. All Rights Reserved.