18 * limitations under the License. |
18 * limitations under the License. |
19 */ |
19 */ |
20 |
20 |
21 package com.sun.org.apache.xerces.internal.impl; |
21 package com.sun.org.apache.xerces.internal.impl; |
22 |
22 |
|
23 import com.sun.org.apache.xerces.internal.utils.SecuritySupport; |
23 import java.util.Enumeration; |
24 import java.util.Enumeration; |
24 import java.util.NoSuchElementException; |
25 import java.util.NoSuchElementException; |
25 |
26 |
26 /** |
27 /** |
27 * Commonly used constants. |
28 * Commonly used constants. |
136 /** XML string property ("xml-string"). */ |
137 /** XML string property ("xml-string"). */ |
137 public static final String XML_STRING_PROPERTY = "xml-string"; |
138 public static final String XML_STRING_PROPERTY = "xml-string"; |
138 |
139 |
139 public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing"; |
140 public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing"; |
140 |
141 |
|
142 // Oracle Feature: |
|
143 /** |
|
144 * <p>Use Service Mechanism</p> |
|
145 * |
|
146 * <ul> |
|
147 * <li> |
|
148 * {@code true} instruct an object to use service mechanism to |
|
149 * find a service implementation. This is the default behavior. |
|
150 * </li> |
|
151 * <li> |
|
152 * {@code false} instruct an object to skip service mechanism and |
|
153 * use the default implementation for that service. |
|
154 * </li> |
|
155 * </ul> |
|
156 */ |
141 public static final String ORACLE_FEATURE_SERVICE_MECHANISM = "http://www.oracle.com/feature/use-service-mechanism"; |
157 public static final String ORACLE_FEATURE_SERVICE_MECHANISM = "http://www.oracle.com/feature/use-service-mechanism"; |
142 |
158 |
143 /** Document XML version property ("document-xml-version"). */ |
159 /** Document XML version property ("document-xml-version"). */ |
144 public static final String DOCUMENT_XML_VERSION_PROPERTY = "document-xml-version"; |
160 public static final String DOCUMENT_XML_VERSION_PROPERTY = "document-xml-version"; |
145 |
161 |
157 |
173 |
158 /** JAXP schemaSource language: when used internally may include DTD namespace (DOM) */ |
174 /** JAXP schemaSource language: when used internally may include DTD namespace (DOM) */ |
159 public static final String SCHEMA_LANGUAGE = "schemaLanguage"; |
175 public static final String SCHEMA_LANGUAGE = "schemaLanguage"; |
160 |
176 |
161 public static final String SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT = "elementAttributeLimit" ; |
177 public static final String SYSTEM_PROPERTY_ELEMENT_ATTRIBUTE_LIMIT = "elementAttributeLimit" ; |
|
178 |
|
179 /** JAXP Standard property prefix ("http://javax.xml.XMLConstants/property/"). */ |
|
180 public static final String JAXPAPI_PROPERTY_PREFIX = |
|
181 "http://javax.xml.XMLConstants/property/"; |
|
182 |
|
183 /** Oracle JAXP property prefix ("http://www.oracle.com/xml/jaxp/properties/"). */ |
|
184 public static final String ORACLE_JAXP_PROPERTY_PREFIX = |
|
185 "http://www.oracle.com/xml/jaxp/properties/"; |
|
186 |
|
187 //System Properties corresponding to ACCESS_EXTERNAL_* properties |
|
188 public static final String SP_ACCESS_EXTERNAL_DTD = "javax.xml.accessExternalDTD"; |
|
189 public static final String SP_ACCESS_EXTERNAL_SCHEMA = "javax.xml.accessExternalSchema"; |
|
190 //all access keyword |
|
191 public static final String ACCESS_EXTERNAL_ALL = "all"; |
|
192 |
|
193 /** |
|
194 * Default value when FEATURE_SECURE_PROCESSING (FSP) is set to true |
|
195 */ |
|
196 public static final String EXTERNAL_ACCESS_DEFAULT_FSP = ""; |
|
197 /** |
|
198 * JDK version by which the default is to restrict external connection |
|
199 */ |
|
200 public static final int RESTRICT_BY_DEFAULT_JDK_VERSION = 8; |
|
201 |
|
202 /** |
|
203 * FEATURE_SECURE_PROCESSING (FSP) is true by default |
|
204 */ |
|
205 public static final String EXTERNAL_ACCESS_DEFAULT = getExternalAccessDefault(true); |
162 |
206 |
163 // |
207 // |
164 // DOM features |
208 // DOM features |
165 // |
209 // |
166 |
210 |
651 public static Enumeration getXercesProperties() { |
695 public static Enumeration getXercesProperties() { |
652 return fgXercesProperties.length > 0 |
696 return fgXercesProperties.length > 0 |
653 ? new ArrayEnumeration(fgXercesProperties) : fgEmptyEnumeration; |
697 ? new ArrayEnumeration(fgXercesProperties) : fgEmptyEnumeration; |
654 } // getXercesProperties():Enumeration |
698 } // getXercesProperties():Enumeration |
655 |
699 |
|
700 /** |
|
701 * Determine the default value of the external access properties |
|
702 * |
|
703 * jaxp 1.5 does not require implementations to restrict by default |
|
704 * |
|
705 * For JDK8: |
|
706 * The default value is 'file' (including jar:file); The keyword "all" grants permission |
|
707 * to all protocols. When {@link javax.xml.XMLConstants#FEATURE_SECURE_PROCESSING} is on, |
|
708 * the default value is an empty string indicating no access is allowed. |
|
709 * |
|
710 * For JDK7: |
|
711 * The default value is 'all' granting permission to all protocols. If by default, |
|
712 * {@link javax.xml.XMLConstants#FEATURE_SECURE_PROCESSING} is true, it should |
|
713 * not change the default value. However, if {@link javax.xml.XMLConstants#FEATURE_SECURE_PROCESSING} |
|
714 * is set explicitly, the values of the properties shall be set to an empty string |
|
715 * indicating no access is allowed. |
|
716 * |
|
717 * @param isSecureProcessing indicating if Secure Processing is set |
|
718 * @return default value |
|
719 */ |
|
720 public static String getExternalAccessDefault(boolean isSecureProcessing) { |
|
721 String defaultValue = "all"; |
|
722 if (isJDKandAbove(RESTRICT_BY_DEFAULT_JDK_VERSION)) { |
|
723 defaultValue = "file"; |
|
724 if (isSecureProcessing) { |
|
725 defaultValue = EXTERNAL_ACCESS_DEFAULT_FSP; |
|
726 } |
|
727 } |
|
728 return defaultValue; |
|
729 } |
|
730 |
|
731 /* |
|
732 * Check the version of the current JDK against that specified in the |
|
733 * parameter |
|
734 * |
|
735 * There is a proposal to change the java version string to: |
|
736 * MAJOR.MINOR.FU.CPU.PSU-BUILDNUMBER_BUGIDNUMBER_OPTIONAL |
|
737 * This method would work with both the current format and that proposed |
|
738 * |
|
739 * @param compareTo a JDK version to be compared to |
|
740 * @return true if the current version is the same or above that represented |
|
741 * by the parameter |
|
742 */ |
|
743 public static boolean isJDKandAbove(int compareTo) { |
|
744 String javaVersion = SecuritySupport.getSystemProperty("java.version"); |
|
745 String versions[] = javaVersion.split("\\.", 3); |
|
746 if (Integer.parseInt(versions[0]) >= compareTo || |
|
747 Integer.parseInt(versions[1]) >= compareTo) { |
|
748 return true; |
|
749 } |
|
750 return false; |
|
751 } |
|
752 |
656 // |
753 // |
657 // Classes |
754 // Classes |
658 // |
755 // |
659 |
756 |
660 /** |
757 /** |