jdk/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java
equal
deleted
inserted
replaced
19 * KIND, either express or implied. See the License for the |
19 * KIND, either express or implied. See the License for the |
20 * specific language governing permissions and limitations |
20 * specific language governing permissions and limitations |
21 * under the License. |
21 * under the License. |
22 */ |
22 */ |
23 /* |
23 /* |
24 * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. |
24 * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. |
25 */ |
25 */ |
26 /* |
26 /* |
27 * =========================================================================== |
27 * =========================================================================== |
28 * |
28 * |
29 * (C) Copyright IBM Corp. 2003 All Rights Reserved. |
29 * (C) Copyright IBM Corp. 2003 All Rights Reserved. |
147 throw new MarshalException("Invalid element name: " + |
147 throw new MarshalException("Invalid element name: " + |
148 name + ", expected Transform"); |
148 name + ", expected Transform"); |
149 } |
149 } |
150 transforms.add |
150 transforms.add |
151 (new DOMTransform(transformElem, context, provider)); |
151 (new DOMTransform(transformElem, context, provider)); |
152 if (secVal && (transforms.size() > DOMReference.MAXIMUM_TRANSFORM_COUNT)) { |
152 if (secVal && Policy.restrictNumTransforms(transforms.size())) { |
153 String error = "A maxiumum of " + DOMReference.MAXIMUM_TRANSFORM_COUNT + " " |
153 String error = "A maximum of " + Policy.maxTransforms() |
154 + "transforms per Reference are allowed with secure validation"; |
154 + " transforms per Reference are allowed when" |
|
155 + " secure validation is enabled"; |
155 throw new MarshalException(error); |
156 throw new MarshalException(error); |
156 } |
157 } |
157 transformElem = DOMUtils.getNextSiblingElement(transformElem); |
158 transformElem = DOMUtils.getNextSiblingElement(transformElem); |
158 } |
159 } |
159 } |
160 } |
236 } catch (Exception e) { |
237 } catch (Exception e) { |
237 throw new URIReferenceException(e); |
238 throw new URIReferenceException(e); |
238 } |
239 } |
239 |
240 |
240 // guard against RetrievalMethod loops |
241 // guard against RetrievalMethod loops |
241 if ((data instanceof NodeSetData) && Utils.secureValidation(context)) { |
242 if ((data instanceof NodeSetData) && Utils.secureValidation(context) |
|
243 && Policy.restrictRetrievalMethodLoops()) { |
242 NodeSetData<?> nsd = (NodeSetData<?>)data; |
244 NodeSetData<?> nsd = (NodeSetData<?>)data; |
243 Iterator<?> i = nsd.iterator(); |
245 Iterator<?> i = nsd.iterator(); |
244 if (i.hasNext()) { |
246 if (i.hasNext()) { |
245 Node root = (Node)i.next(); |
247 Node root = (Node)i.next(); |
246 if ("RetrievalMethod".equals(root.getLocalName())) { |
248 if ("RetrievalMethod".equals(root.getLocalName())) { |