Package com.sodius.oslc.core.util
Class XmlFactories
- java.lang.Object
-
- com.sodius.oslc.core.util.XmlFactories
-
public class XmlFactories extends Object
Provides XML factories that are pre-configured for secure XML processing. The factories are configured to mitigate the risk of XML External Entity (XXE) attacks, notably to reject external DTD or Schema resolution.- Since:
- 3.0.0
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static DocumentBuilder
newDocumentBuilder()
Returns a document builder configured to mitigate the risk of XML External Entity (XXE) attacks.static DocumentBuilder
newDocumentBuilder(DocumentBuilderFactory factory)
Returns a document builder configured to mitigate the risk of XML External Entity (XXE) attacks, based on the given builder factory.static DocumentBuilderFactory
newDocumentBuilderFactory()
Returns a document builder factory configured to mitigate the risk of XML External Entity (XXE) attacks.static SAXParserFactory
newSAXParserFactory()
Returns aSAXParseFactory
configured to mitigate the risk of XML External Entity (XXE) attacks.static TransformerFactory
newTransformerFactory()
Returns a transformer factory configured to mitigate the risk of XML External Entity (XXE) attacks.
-
-
-
Method Detail
-
newDocumentBuilderFactory
public static DocumentBuilderFactory newDocumentBuilderFactory()
Returns a document builder factory configured to mitigate the risk of XML External Entity (XXE) attacks.Clients are recommended to directly use
newDocumentBuilder()
when no additional configuration is to perform on the factory.- Returns:
- a new document builder factory
- See Also:
newDocumentBuilder()
-
newDocumentBuilder
public static DocumentBuilder newDocumentBuilder() throws ParserConfigurationException
Returns a document builder configured to mitigate the risk of XML External Entity (XXE) attacks.- Returns:
- a new document builder
- Throws:
ParserConfigurationException
- if a DocumentBuilder cannot be created which satisfies the configuration requested.
-
newDocumentBuilder
public static DocumentBuilder newDocumentBuilder(DocumentBuilderFactory factory) throws ParserConfigurationException
Returns a document builder configured to mitigate the risk of XML External Entity (XXE) attacks, based on the given builder factory.Clients are recommended to directly use
newDocumentBuilder()
when no additional configuration is to perform on the factory.- Parameters:
factory
- the factory to create a document builder.- Returns:
- a new document builder
- Throws:
ParserConfigurationException
- if a DocumentBuildercannot be created which satisfies the configuration requested.- See Also:
newDocumentBuilder()
-
newSAXParserFactory
public static SAXParserFactory newSAXParserFactory()
Returns aSAXParseFactory
configured to mitigate the risk of XML External Entity (XXE) attacks.- Returns:
- a new SAXParseFactory.
-
newTransformerFactory
public static TransformerFactory newTransformerFactory()
Returns a transformer factory configured to mitigate the risk of XML External Entity (XXE) attacks.- Returns:
- a new transformer factory.
-
-