SecurityConfigurationpublic class SecurityConfiguration extends XIncludeAwareParserConfiguration This configuration allows Xerces to behave in a security-conscious manner; that is,
it permits applications to instruct Xerces to limit certain
operations that could be exploited by malicious document authors to cause a denail-of-service
attack when the document is parsed.
In addition to the features and properties recognized by the base
parser configuration, this class recognizes these additional
features and properties:
- Properties
- http://apache.org/xml/properties/security-manager
|
Fields Summary |
---|
protected static final String | SECURITY_MANAGER_PROPERTY |
Constructors Summary |
---|
public SecurityConfiguration()Default constructor.
//
// Constructors
//
this(null, null, null);
| public SecurityConfiguration(org.apache.xerces.util.SymbolTable symbolTable)Constructs a parser configuration using the specified symbol table.
this(symbolTable, null, null);
| public SecurityConfiguration(org.apache.xerces.util.SymbolTable symbolTable, org.apache.xerces.xni.grammars.XMLGrammarPool grammarPool)Constructs a parser configuration using the specified symbol table and
grammar pool.
REVISIT:
Grammar pool will be updated when the new validation engine is
implemented.
this(symbolTable, grammarPool, null);
| public SecurityConfiguration(org.apache.xerces.util.SymbolTable symbolTable, org.apache.xerces.xni.grammars.XMLGrammarPool grammarPool, org.apache.xerces.xni.parser.XMLComponentManager parentSettings)Constructs a parser configuration using the specified symbol table,
grammar pool, and parent settings.
REVISIT:
Grammar pool will be updated when the new validation engine is
implemented.
super(symbolTable, grammarPool, parentSettings);
// create the SecurityManager property:
setProperty(SECURITY_MANAGER_PROPERTY, new SecurityManager());
|
|