equal
deleted
inserted
replaced
75 import com.sun.org.apache.xerces.internal.util.StAXLocationWrapper; |
75 import com.sun.org.apache.xerces.internal.util.StAXLocationWrapper; |
76 import com.sun.org.apache.xerces.internal.util.SymbolHash; |
76 import com.sun.org.apache.xerces.internal.util.SymbolHash; |
77 import com.sun.org.apache.xerces.internal.util.SymbolTable; |
77 import com.sun.org.apache.xerces.internal.util.SymbolTable; |
78 import com.sun.org.apache.xerces.internal.util.XMLSymbols; |
78 import com.sun.org.apache.xerces.internal.util.XMLSymbols; |
79 import com.sun.org.apache.xerces.internal.util.URI.MalformedURIException; |
79 import com.sun.org.apache.xerces.internal.util.URI.MalformedURIException; |
|
80 import com.sun.org.apache.xerces.internal.utils.SecuritySupport; |
80 import com.sun.org.apache.xerces.internal.xni.QName; |
81 import com.sun.org.apache.xerces.internal.xni.QName; |
81 import com.sun.org.apache.xerces.internal.xni.XNIException; |
82 import com.sun.org.apache.xerces.internal.xni.XNIException; |
82 import com.sun.org.apache.xerces.internal.xni.grammars.Grammar; |
83 import com.sun.org.apache.xerces.internal.xni.grammars.Grammar; |
83 import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarDescription; |
84 import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarDescription; |
84 import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarPool; |
85 import com.sun.org.apache.xerces.internal.xni.grammars.XMLGrammarPool; |
103 import com.sun.org.apache.xerces.internal.xs.XSParticle; |
104 import com.sun.org.apache.xerces.internal.xs.XSParticle; |
104 import com.sun.org.apache.xerces.internal.xs.XSSimpleTypeDefinition; |
105 import com.sun.org.apache.xerces.internal.xs.XSSimpleTypeDefinition; |
105 import com.sun.org.apache.xerces.internal.xs.XSTerm; |
106 import com.sun.org.apache.xerces.internal.xs.XSTerm; |
106 import com.sun.org.apache.xerces.internal.xs.XSTypeDefinition; |
107 import com.sun.org.apache.xerces.internal.xs.XSTypeDefinition; |
107 import com.sun.org.apache.xerces.internal.xs.datatypes.ObjectList; |
108 import com.sun.org.apache.xerces.internal.xs.datatypes.ObjectList; |
|
109 import javax.xml.XMLConstants; |
108 import org.w3c.dom.Document; |
110 import org.w3c.dom.Document; |
109 import org.w3c.dom.Element; |
111 import org.w3c.dom.Element; |
110 import org.w3c.dom.Node; |
112 import org.w3c.dom.Node; |
111 import org.xml.sax.InputSource; |
113 import org.xml.sax.InputSource; |
112 import org.xml.sax.SAXException; |
114 import org.xml.sax.SAXException; |
219 |
221 |
220 /** Property identifier: locale. */ |
222 /** Property identifier: locale. */ |
221 protected static final String LOCALE = |
223 protected static final String LOCALE = |
222 Constants.XERCES_PROPERTY_PREFIX + Constants.LOCALE_PROPERTY; |
224 Constants.XERCES_PROPERTY_PREFIX + Constants.LOCALE_PROPERTY; |
223 |
225 |
|
226 /** property identifier: access external dtd. */ |
|
227 public static final String ACCESS_EXTERNAL_DTD = XMLConstants.ACCESS_EXTERNAL_DTD; |
|
228 |
|
229 /** Property identifier: access to external schema */ |
|
230 public static final String ACCESS_EXTERNAL_SCHEMA = XMLConstants.ACCESS_EXTERNAL_SCHEMA; |
|
231 |
224 protected static final boolean DEBUG_NODE_POOL = false; |
232 protected static final boolean DEBUG_NODE_POOL = false; |
225 |
233 |
226 // Data |
234 // Data |
227 |
235 |
228 // different sorts of declarations; should make lookup and |
236 // different sorts of declarations; should make lookup and |
248 * <p>Security manager in effect.</p> |
256 * <p>Security manager in effect.</p> |
249 * |
257 * |
250 * <p>Protected to allow access by any traverser.</p> |
258 * <p>Protected to allow access by any traverser.</p> |
251 */ |
259 */ |
252 protected SecurityManager fSecureProcessing = null; |
260 protected SecurityManager fSecureProcessing = null; |
|
261 |
|
262 private String fAccessExternalSchema; |
253 |
263 |
254 // These tables correspond to the symbol spaces defined in the |
264 // These tables correspond to the symbol spaces defined in the |
255 // spec. |
265 // spec. |
256 // They are keyed with a QName (that is, String("URI,localpart) and |
266 // They are keyed with a QName (that is, String("URI,localpart) and |
257 // their values are nodes corresponding to the given name's decl. |
267 // their values are nodes corresponding to the given name's decl. |
2148 key = new XSDKey(schemaId, referType, schemaNamespace); |
2158 key = new XSDKey(schemaId, referType, schemaNamespace); |
2149 if((schemaElement = (Element)fTraversed.get(key)) != null) { |
2159 if((schemaElement = (Element)fTraversed.get(key)) != null) { |
2150 fLastSchemaWasDuplicate = true; |
2160 fLastSchemaWasDuplicate = true; |
2151 return schemaElement; |
2161 return schemaElement; |
2152 } |
2162 } |
|
2163 if (referType == XSDDescription.CONTEXT_IMPORT || referType == XSDDescription.CONTEXT_INCLUDE |
|
2164 || referType == XSDDescription.CONTEXT_REDEFINE) { |
|
2165 String accessError = SecuritySupport.checkAccess(schemaId, fAccessExternalSchema, Constants.ACCESS_EXTERNAL_ALL); |
|
2166 if (accessError != null) { |
|
2167 reportSchemaFatalError("schema_reference.access", |
|
2168 new Object[] { SecuritySupport.sanitizePath(schemaId), accessError }, |
|
2169 referElement); |
|
2170 } |
|
2171 } |
2153 } |
2172 } |
2154 |
2173 |
2155 fSchemaParser.parse(schemaSource); |
2174 fSchemaParser.parse(schemaSource); |
2156 Document schemaDocument = fSchemaParser.getDocument(); |
2175 Document schemaDocument = fSchemaParser.getDocument(); |
2157 schemaElement = schemaDocument != null ? DOMUtil.getRoot(schemaDocument) : null; |
2176 schemaElement = schemaDocument != null ? DOMUtil.getRoot(schemaDocument) : null; |
3559 fSchemaParser.setProperty(SECURITY_MANAGER, security); |
3578 fSchemaParser.setProperty(SECURITY_MANAGER, security); |
3560 } |
3579 } |
3561 } catch (XMLConfigurationException e) { |
3580 } catch (XMLConfigurationException e) { |
3562 } |
3581 } |
3563 |
3582 |
|
3583 //For Schema validation, the secure feature is set to true by default |
|
3584 fSchemaParser.setProperty(ACCESS_EXTERNAL_DTD, |
|
3585 componentManager.getProperty(ACCESS_EXTERNAL_DTD, Constants.EXTERNAL_ACCESS_DEFAULT)); |
|
3586 fAccessExternalSchema = (String) componentManager.getProperty( |
|
3587 ACCESS_EXTERNAL_SCHEMA, Constants.EXTERNAL_ACCESS_DEFAULT); |
3564 } // reset(XMLComponentManager) |
3588 } // reset(XMLComponentManager) |
3565 |
3589 |
3566 |
3590 |
3567 /** |
3591 /** |
3568 * Traverse all the deferred local elements. This method should be called |
3592 * Traverse all the deferred local elements. This method should be called |