You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Peter De Maeyer (Jira)" <ji...@apache.org> on 2020/02/04 21:37:00 UTC

[jira] [Updated] (SANTUARIO-523) XMLSecurityStreamReader ignores information in XML document declaration

     [ https://issues.apache.org/jira/browse/SANTUARIO-523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter De Maeyer updated SANTUARIO-523:
--------------------------------------
    Attachment: SANTUARIO-523.patch

> XMLSecurityStreamReader ignores information in XML document declaration
> -----------------------------------------------------------------------
>
>                 Key: SANTUARIO-523
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-523
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: Java 2.1.4
>            Reporter: Peter De Maeyer
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: Java 2.2.0, Java 2.1.5
>
>         Attachments: SANTUARIO-523.patch
>
>
> {{XMLSecurityStreamReader}} ignores information such as version, character encoding scheme and standalone-ness in the XML document declaration.
> The implementation always returns {{null}}/{{false}}, indicating the defaults version "1.0", character encoding scheme "UTF-8", even if the XML document specifies something else.
> The following example will have the wrong version, encoding and standalone-ness:
> {code:xml}
> <?xml version='1.1' encoding='ISO-8859-1' standalone='yes'?>
> </Document>
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)