You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fop-commits@xmlgraphics.apache.org by ss...@apache.org on 2016/11/16 12:33:32 UTC
svn commit: r1769967 - in
/xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop:
cli/InputHandler.java servlet/FopServlet.java
Author: ssteiner
Date: Wed Nov 16 12:33:32 2016
New Revision: 1769967
URL: http://svn.apache.org/viewvc?rev=1769967&view=rev
Log:
FOP-2668: Dont load DTDs
Modified:
xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/cli/InputHandler.java
xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/servlet/FopServlet.java
Modified: xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/cli/InputHandler.java
URL: http://svn.apache.org/viewvc/xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/cli/InputHandler.java?rev=1769967&r1=1769966&r2=1769967&view=diff
==============================================================================
--- xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/cli/InputHandler.java (original)
+++ xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/cli/InputHandler.java Wed Nov 16 12:33:32 2016
@@ -244,6 +244,7 @@ public class InputHandler implements Err
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setFeature("http://xml.org/sax/features/namespaces", true);
spf.setFeature("http://apache.org/xml/features/xinclude", true);
+ spf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
XMLReader xr = spf.newSAXParser().getXMLReader();
return xr;
}
Modified: xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/servlet/FopServlet.java
URL: http://svn.apache.org/viewvc/xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/servlet/FopServlet.java?rev=1769967&r1=1769966&r2=1769967&view=diff
==============================================================================
--- xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/servlet/FopServlet.java (original)
+++ xmlgraphics/fop/trunk/fop-core/src/main/java/org/apache/fop/servlet/FopServlet.java Wed Nov 16 12:33:32 2016
@@ -30,6 +30,7 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.XMLConstants;
import javax.xml.transform.Result;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
@@ -96,6 +97,8 @@ public class FopServlet extends HttpServ
public void init() throws ServletException {
this.uriResolver = new ServletContextURIResolver(getServletContext());
this.transFactory = TransformerFactory.newInstance();
+ transFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
+ transFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
this.transFactory.setURIResolver(this.uriResolver);
//Configure FopFactory as desired
// TODO: Double check this behaves properly!!
---------------------------------------------------------------------
To unsubscribe, e-mail: fop-commits-unsubscribe@xmlgraphics.apache.org
For additional commands, e-mail: fop-commits-help@xmlgraphics.apache.org