You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Claus Ibsen (Jira)" <ji...@apache.org> on 2022/09/13 07:52:00 UTC
[jira] [Resolved] (CAMEL-18492) Enterprise Feature of Saxon is Disabled in Camel 3.x versions.
[ https://issues.apache.org/jira/browse/CAMEL-18492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Claus Ibsen resolved CAMEL-18492.
---------------------------------
Resolution: Fixed
There is a new option you can set to turn off secure processing
> Enterprise Feature of Saxon is Disabled in Camel 3.x versions.
> --------------------------------------------------------------
>
> Key: CAMEL-18492
> URL: https://issues.apache.org/jira/browse/CAMEL-18492
> Project: Camel
> Issue Type: Improvement
> Components: camel-saxon, camel-xslt
> Affects Versions: 3.0.0
> Reporter: Harish Annamalai
> Assignee: Claus Ibsen
> Priority: Minor
> Fix For: 3.19.0
>
>
> Hi All,
> We use Camel-Saxon for one of our product. We use Saxon Enterprise Edition 9.9.1.6.
> We are migrating our product from camel 2.x to camel 3.x (2.24 to 3.15 to be exact).
> We use a paid feature of Saxon; Invoking *External Java Functions* in XSL Transformations.
> We also *Extension Functions,* which we pass to camel-xslt-saxon component.
> What we have observed in camel 3.x versions and above, In class {{{*}XsltSaxonEndpoint{*}.java}} During the registration of extension functions, at line 202, {{registerSaxonExtensionFunctions}} method of {{{*}XsltSaxonHelper{*}.java}} is called.
>
> In XsltSaxonHelper.class, the method, {{{}registerSaxonExtensionFunctions{}}}, at line 55, sets a feature of {*}XMLConstants.FEATURE_SECURE_PROCESSING{*}.
> Unfortunately, Setting this Feature disables the External Java Function calls.
> We checked in Camel 2.x versions, this Feature is not set and therefore the External Java Calls work fine.
>
> We see this as a bug - The Feature *XMLConstants.FEATURE_SECURE_PROCESSING* is being introduced in 3.x and breaks a paid/Enterprise feature of Saxon.
>
> Sample Code to test:
> {{import javax.xml.XMLConstants;}}
> {{import javax.xml.transform.Transformer;}}
> {{import javax.xml.transform.TransformerException;}}
> {{import javax.xml.transform.TransformerFactory;}}
> {{import javax.xml.transform.stream.StreamResult;}}
> {{import javax.xml.transform.stream.StreamSource;}}
> {{import java.io.File;}}
> {{public class SaxonTransformationTester {}}
> {{ public static void main(String[] args) throws TransformerException {}}
> {{ String foo_xml = "src/main/resources/in.xml"; // input xml}}
> {{ String foo_xsl = "src/main/resources/transf.xml"; // input xsl}}
> {{ EnterpriseTransformerFactory eef = SaxonEEConsumerFactory.getEnterpriseTransformerFactoryInstance();}}
> {{ eef.getConfiguration().getConfigurationProperty(Feature.ALLOW_EXTERNAL_FUNCTIONS);}}
> {{ eef.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); //This causes External Functions to break}}
> {{ eef.getConfiguration().setConfigurationProperty("http://saxon.sf.net/feature/trace-external-functions", false);}}
> {{ Transformer transformer = eef.newTransformer(new StreamSource(}}
> {{ new File(foo_xsl)));}}
> {{ transformer.transform(new StreamSource(new File(foo_xml)),}}
> {{ new StreamResult(System.out));}}
> {{ }}}
> {{}}}
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)