org.apache.solr.util.EmptyEntityResolver
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
public final class EmptyEntityResolver
This class provides several singletons of entity resolvers used by SAX and StAX in the Java API. This is needed to make secure XML parsers, that don't resolve external entities from untrusted sources.
This class also provides static methods to configure SAX and StAX parsers to be safe.
Parsers will get an empty, closed stream for every external entity, so they will not fail while parsing (unless the external entity is needed for processing!).
| Field Summary | |
|---|---|
static EntityResolver |
SAX_INSTANCE
|
static XMLResolver |
STAX_INSTANCE
|
| Method Summary | |
|---|---|
static void |
configureSAXParserFactory(SAXParserFactory saxFactory)
Configures the given SAXParserFactory to do secure XML processing of untrusted sources. |
static void |
configureXMLInputFactory(XMLInputFactory inputFactory)
Configures the given XMLInputFactory to not parse external entities. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final EntityResolver SAX_INSTANCE
public static final XMLResolver STAX_INSTANCE
| Method Detail |
|---|
public static void configureSAXParserFactory(SAXParserFactory saxFactory)
SAXParserFactory to do secure XML processing of untrusted sources.
It is required to also set SAX_INSTANCE on the created XMLReader.
SAX_INSTANCEpublic static void configureXMLInputFactory(XMLInputFactory inputFactory)
XMLInputFactory to not parse external entities.
No further configuration on is needed, all required entity resolvers are configured.
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||