You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-dev@xerces.apache.org by bo...@apache.org on 2023/12/13 08:40:22 UTC
(xerces-c) 06/06: Add functions/properties for disallowing DOCTYPE (DTD) in SAX parsers
This is an automated email from the ASF dual-hosted git repository.
borisk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/xerces-c.git
commit 5fe4f4b5a861fa8acf4bb66d3a2ad3e4396d68ec
Author: Boris Kolpackov <bo...@codesynthesis.com>
AuthorDate: Wed Dec 13 10:38:33 2023 +0200
Add functions/properties for disallowing DOCTYPE (DTD) in SAX parsers
We already have the equivalent functionality for DOM.
---
src/xercesc/parsers/AbstractDOMParser.cpp | 10 ++++++++++
src/xercesc/parsers/AbstractDOMParser.hpp | 33 +++++++++++++++++++++++++++++++
src/xercesc/parsers/SAX2XMLReaderImpl.cpp | 6 ++++++
src/xercesc/parsers/SAXParser.cpp | 10 ++++++++++
src/xercesc/parsers/SAXParser.hpp | 33 +++++++++++++++++++++++++++++++
src/xercesc/util/XMLUni.cpp | 16 +++++++++++++++
src/xercesc/util/XMLUni.hpp | 1 +
7 files changed, 109 insertions(+)
diff --git a/src/xercesc/parsers/AbstractDOMParser.cpp b/src/xercesc/parsers/AbstractDOMParser.cpp
index 4526e8755..44cb6baa2 100644
--- a/src/xercesc/parsers/AbstractDOMParser.cpp
+++ b/src/xercesc/parsers/AbstractDOMParser.cpp
@@ -317,6 +317,11 @@ const XMLSize_t& AbstractDOMParser::getLowWaterMark() const
return fScanner->getLowWaterMark();
}
+bool AbstractDOMParser::getDisallowDoctype() const
+{
+ return fScanner->getDisallowDTD();
+}
+
bool AbstractDOMParser::getLoadExternalDTD() const
{
return fScanner->getLoadExternalDTD();
@@ -455,6 +460,11 @@ void AbstractDOMParser::setLowWaterMark(XMLSize_t lwm)
fScanner->setLowWaterMark(lwm);
}
+void AbstractDOMParser::setDisallowDoctype(const bool newState)
+{
+ fScanner->setDisallowDTD(newState);
+}
+
void AbstractDOMParser::setLoadExternalDTD(const bool newState)
{
fScanner->setLoadExternalDTD(newState);
diff --git a/src/xercesc/parsers/AbstractDOMParser.hpp b/src/xercesc/parsers/AbstractDOMParser.hpp
index 664a887ab..e179e5993 100644
--- a/src/xercesc/parsers/AbstractDOMParser.hpp
+++ b/src/xercesc/parsers/AbstractDOMParser.hpp
@@ -350,6 +350,20 @@ public :
*/
const XMLSize_t& getLowWaterMark() const;
+ /** Get the 'Disallow DOCTYPE (DTD)' flag
+ *
+ * This method returns the state of the parser's disallowed DOCTYPE
+ * flag.
+ *
+ * @return false, if the parser is currently configured to
+ * allow DOCTYPE, true otherwise.
+ *
+ * @see #setDisallowDoctype()
+ * @see #getLoadExternalDTD
+ * @see #getValidationScheme
+ */
+ bool getDisallowDoctype() const;
+
/** Get the 'Loading External DTD' flag
*
* This method returns the state of the parser's loading external DTD
@@ -359,6 +373,7 @@ public :
* ignore external DTD completely, true otherwise.
*
* @see #setLoadExternalDTD
+ * @see #getDisallowDoctype
* @see #getValidationScheme
*/
bool getLoadExternalDTD() const;
@@ -793,6 +808,23 @@ public :
*/
void setLowWaterMark(XMLSize_t lwm);
+ /** Set the 'Disallow DOCTYPE (DTD)' flag
+ *
+ * This method allows users to disable the processing of DOCTYPE (DTD).
+ * When set to true, the parser will throw an exception if the document
+ * contains the DOCTYPE node.
+ *
+ * The parser's default state is: false.
+ *
+ * @param newState The value specifying whether to disallow DOCTYPE
+ * or not.
+ *
+ * @see #setDisallowDoctype()
+ * @see #getLoadExternalDTD
+ * @see #getValidationScheme
+ */
+ void setDisallowDoctype(const bool newState);
+
/** Set the 'Loading External DTD' flag
*
* This method allows users to enable or disable the loading of external DTD.
@@ -807,6 +839,7 @@ public :
* be loaded or not.
*
* @see #getLoadExternalDTD
+ * @see #setDisallowDoctype
* @see #setValidationScheme
*/
void setLoadExternalDTD(const bool newState);
diff --git a/src/xercesc/parsers/SAX2XMLReaderImpl.cpp b/src/xercesc/parsers/SAX2XMLReaderImpl.cpp
index 473fb6666..c9bb64801 100644
--- a/src/xercesc/parsers/SAX2XMLReaderImpl.cpp
+++ b/src/xercesc/parsers/SAX2XMLReaderImpl.cpp
@@ -1302,6 +1302,10 @@ void SAX2XMLReaderImpl::setFeature(const XMLCh* const name, const bool value)
{
fScanner->setIdentityConstraintChecking(value);
}
+ else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesDisallowDoctype) == 0)
+ {
+ fScanner->setDisallowDTD(value);
+ }
else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesLoadExternalDTD) == 0)
{
fScanner->setLoadExternalDTD(value);
@@ -1386,6 +1390,8 @@ bool SAX2XMLReaderImpl::getFeature(const XMLCh* const name) const
return fScanner->getValidationSchemaFullChecking();
else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesIdentityConstraintChecking) == 0)
return fScanner->getIdentityConstraintChecking();
+ else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesDisallowDoctype) == 0)
+ return fScanner->getDisallowDTD();
else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesLoadExternalDTD) == 0)
return fScanner->getLoadExternalDTD();
else if (XMLString::compareIStringASCII(name, XMLUni::fgXercesLoadSchema) == 0)
diff --git a/src/xercesc/parsers/SAXParser.cpp b/src/xercesc/parsers/SAXParser.cpp
index 8a46ad3ae..3a10eb97a 100644
--- a/src/xercesc/parsers/SAXParser.cpp
+++ b/src/xercesc/parsers/SAXParser.cpp
@@ -312,6 +312,11 @@ XMLSize_t SAXParser::getLowWaterMark() const
return fScanner->getLowWaterMark();
}
+bool SAXParser::getDisallowDoctype() const
+{
+ return fScanner->getDisallowDTD();
+}
+
bool SAXParser::getLoadExternalDTD() const
{
return fScanner->getLoadExternalDTD();
@@ -475,6 +480,11 @@ void SAXParser::setLowWaterMark(XMLSize_t lwm)
fScanner->setLowWaterMark(lwm);
}
+void SAXParser::setDisallowDoctype(const bool newState)
+{
+ fScanner->setDisallowDTD(newState);
+}
+
void SAXParser::setLoadExternalDTD(const bool newState)
{
fScanner->setLoadExternalDTD(newState);
diff --git a/src/xercesc/parsers/SAXParser.hpp b/src/xercesc/parsers/SAXParser.hpp
index c0c903dd0..d42eee109 100644
--- a/src/xercesc/parsers/SAXParser.hpp
+++ b/src/xercesc/parsers/SAXParser.hpp
@@ -380,6 +380,20 @@ public :
*/
XMLSize_t getLowWaterMark() const;
+ /** Get the 'Disallow DOCTYPE (DTD)' flag
+ *
+ * This method returns the state of the parser's disallowed DOCTYPE
+ * flag.
+ *
+ * @return false, if the parser is currently configured to
+ * allow DOCTYPE, true otherwise.
+ *
+ * @see #setDisallowDoctype()
+ * @see #getLoadExternalDTD
+ * @see #getValidationScheme
+ */
+ bool getDisallowDoctype() const;
+
/** Get the 'Loading External DTD' flag
*
* This method returns the state of the parser's loading external DTD
@@ -389,6 +403,7 @@ public :
* ignore external DTD completely, true otherwise.
*
* @see #setLoadExternalDTD
+ * @see #getDisallowDoctype
* @see #getValidationScheme
*/
bool getLoadExternalDTD() const;
@@ -791,6 +806,23 @@ public :
*/
void setLowWaterMark(XMLSize_t lwm);
+ /** Set the 'Disallow DOCTYPE (DTD)' flag
+ *
+ * This method allows users to disable the processing of DOCTYPE (DTD).
+ * When set to true, the parser will throw an exception if the document
+ * contains the DOCTYPE node.
+ *
+ * The parser's default state is: false.
+ *
+ * @param newState The value specifying whether to disallow DOCTYPE
+ * or not.
+ *
+ * @see #setDisallowDoctype()
+ * @see #getLoadExternalDTD
+ * @see #getValidationScheme
+ */
+ void setDisallowDoctype(const bool newState);
+
/** Set the 'Loading External DTD' flag
*
* This method allows users to enable or disable the loading of external DTD.
@@ -805,6 +837,7 @@ public :
* be loaded or not.
*
* @see #getLoadExternalDTD
+ * @see #setDisallowDoctype
* @see #setValidationScheme
*/
void setLoadExternalDTD(const bool newState);
diff --git a/src/xercesc/util/XMLUni.cpp b/src/xercesc/util/XMLUni.cpp
index c1672383d..184b34cab 100644
--- a/src/xercesc/util/XMLUni.cpp
+++ b/src/xercesc/util/XMLUni.cpp
@@ -1070,6 +1070,22 @@ const XMLCh XMLUni::fgXercesIdentityConstraintChecking[] =
, chLatin_n, chLatin_g, chNull
};
+//Xerces: http://apache.org/xml/features/nonvalidating/disallow-doctype
+const XMLCh XMLUni::fgXercesDisallowDoctype[] =
+{
+ chLatin_h, chLatin_t, chLatin_t, chLatin_p, chColon, chForwardSlash
+ , chForwardSlash, chLatin_a, chLatin_p, chLatin_a, chLatin_c, chLatin_h
+ , chLatin_e, chPeriod, chLatin_o, chLatin_r, chLatin_g, chForwardSlash
+ , chLatin_x, chLatin_m, chLatin_l, chForwardSlash, chLatin_f, chLatin_e
+ , chLatin_a, chLatin_t, chLatin_u, chLatin_r, chLatin_e, chLatin_s
+ , chForwardSlash, chLatin_n, chLatin_o, chLatin_n
+ , chLatin_v, chLatin_a, chLatin_l, chLatin_i, chLatin_d
+ , chLatin_a, chLatin_t, chLatin_i, chLatin_n, chLatin_g, chForwardSlash
+ , chLatin_d, chLatin_i, chLatin_s, chLatin_a, chLatin_l, chLatin_l, chLatin_o
+ , chLatin_w, chDash, chLatin_d, chLatin_o, chLatin_c, chLatin_t, chLatin_y
+ , chLatin_p, chLatin_e, chNull
+};
+
//Xerces: http://apache.org/xml/features/nonvalidating/load-external-dtd
const XMLCh XMLUni::fgXercesLoadExternalDTD[] =
{
diff --git a/src/xercesc/util/XMLUni.hpp b/src/xercesc/util/XMLUni.hpp
index 252dd0a8a..5fde8c8ba 100644
--- a/src/xercesc/util/XMLUni.hpp
+++ b/src/xercesc/util/XMLUni.hpp
@@ -224,6 +224,7 @@ public :
static const XMLCh fgXercesSchemaExternalSchemaLocation[];
static const XMLCh fgXercesSchemaExternalNoNameSpaceSchemaLocation[];
static const XMLCh fgXercesSecurityManager[];
+ static const XMLCh fgXercesDisallowDoctype[]; // DOMDisallowDoctype equivalent for SAX.
static const XMLCh fgXercesLoadExternalDTD[];
static const XMLCh fgXercesContinueAfterFatalError[];
static const XMLCh fgXercesValidationErrorAsFatal[];
---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@xerces.apache.org
For additional commands, e-mail: c-dev-help@xerces.apache.org