You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by fa...@apache.org on 2017/06/24 07:30:08 UTC
svn commit: r1799734 - in /poi/trunk/src:
java/org/apache/poi/sl/draw/DrawSimpleShape.java
java/org/apache/poi/sl/draw/geom/PresetGeometries.java
java/org/apache/poi/util/StaxHelper.java
ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java
Author: fanningpj
Date: Sat Jun 24 07:30:07 2017
New Revision: 1799734
URL: http://svn.apache.org/viewvc?rev=1799734&view=rev
Log:
Add StaxHelper to ensure that StAX parsers have sensible defaults, including settings to avoid XML Entity Expansion issues
Added:
poi/trunk/src/java/org/apache/poi/util/StaxHelper.java (with props)
Modified:
poi/trunk/src/java/org/apache/poi/sl/draw/DrawSimpleShape.java
poi/trunk/src/java/org/apache/poi/sl/draw/geom/PresetGeometries.java
poi/trunk/src/ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java
Modified: poi/trunk/src/java/org/apache/poi/sl/draw/DrawSimpleShape.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/java/org/apache/poi/sl/draw/DrawSimpleShape.java?rev=1799734&r1=1799733&r2=1799734&view=diff
==============================================================================
--- poi/trunk/src/java/org/apache/poi/sl/draw/DrawSimpleShape.java (original)
+++ poi/trunk/src/java/org/apache/poi/sl/draw/DrawSimpleShape.java Sat Jun 24 07:30:07 2017
@@ -53,6 +53,7 @@ import org.apache.poi.sl.usermodel.Paint
import org.apache.poi.sl.usermodel.Shadow;
import org.apache.poi.sl.usermodel.SimpleShape;
import org.apache.poi.util.IOUtils;
+import org.apache.poi.util.StaxHelper;
import org.apache.poi.util.Units;
@@ -363,7 +364,7 @@ public class DrawSimpleShape extends Dra
};
try {
- XMLInputFactory staxFactory = XMLInputFactory.newInstance();
+ XMLInputFactory staxFactory = StaxHelper.newXMLInputFactory();
XMLEventReader staxReader = staxFactory.createXMLEventReader(presetIS);
XMLEventReader staxFiltRd = staxFactory.createFilteredReader(staxReader, startElementFilter);
// Ignore StartElement:
Modified: poi/trunk/src/java/org/apache/poi/sl/draw/geom/PresetGeometries.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/java/org/apache/poi/sl/draw/geom/PresetGeometries.java?rev=1799734&r1=1799733&r2=1799734&view=diff
==============================================================================
--- poi/trunk/src/java/org/apache/poi/sl/draw/geom/PresetGeometries.java (original)
+++ poi/trunk/src/java/org/apache/poi/sl/draw/geom/PresetGeometries.java Sat Jun 24 07:30:07 2017
@@ -37,6 +37,7 @@ import javax.xml.stream.events.XMLEvent;
import org.apache.poi.sl.draw.binding.CTCustomGeometry2D;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
+import org.apache.poi.util.StaxHelper;
/**
*
@@ -59,7 +60,7 @@ public class PresetGeometries extends Li
}
};
- XMLInputFactory staxFactory = XMLInputFactory.newFactory();
+ XMLInputFactory staxFactory = StaxHelper.newXMLInputFactory();
XMLEventReader staxReader = staxFactory.createXMLEventReader(is);
XMLEventReader staxFiltRd = staxFactory.createFilteredReader(staxReader, startElementFilter);
// ignore StartElement:
Added: poi/trunk/src/java/org/apache/poi/util/StaxHelper.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/java/org/apache/poi/util/StaxHelper.java?rev=1799734&view=auto
==============================================================================
--- poi/trunk/src/java/org/apache/poi/util/StaxHelper.java (added)
+++ poi/trunk/src/java/org/apache/poi/util/StaxHelper.java Sat Jun 24 07:30:07 2017
@@ -0,0 +1,52 @@
+/* ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+==================================================================== */
+
+package org.apache.poi.util;
+
+import javax.xml.stream.XMLInputFactory;
+
+
+/**
+ * Provides handy methods for working with StAX parsers and readers
+ */
+public final class StaxHelper {
+ private static final POILogger logger = POILogFactory.getLogger(StaxHelper.class);
+
+ private StaxHelper() {}
+
+ /**
+ * Creates a new StAX XMLInputFactory, with sensible defaults
+ */
+ public static XMLInputFactory newXMLInputFactory() {
+ XMLInputFactory factory = XMLInputFactory.newFactory();
+ trySetProperty(factory, XMLInputFactory.IS_NAMESPACE_AWARE, true);
+ trySetProperty(factory, XMLInputFactory.IS_VALIDATING, false);
+ trySetProperty(factory, XMLInputFactory.SUPPORT_DTD, false);
+ trySetProperty(factory, XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
+ return factory;
+ }
+
+ private static void trySetProperty(XMLInputFactory factory, String feature, boolean flag) {
+ try {
+ factory.setProperty(feature, flag);
+ } catch (Exception e) {
+ logger.log(POILogger.WARN, "StAX Property unsupported", feature, e);
+ } catch (AbstractMethodError ame) {
+ logger.log(POILogger.WARN, "Cannot set StAX property because outdated StAX parser in classpath", feature, ame);
+ }
+ }
+}
Propchange: poi/trunk/src/java/org/apache/poi/util/StaxHelper.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: poi/trunk/src/ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java?rev=1799734&r1=1799733&r2=1799734&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/xssf/usermodel/XSSFTableStyle.java Sat Jun 24 07:30:07 2017
@@ -25,6 +25,8 @@ import java.util.Map;
import org.apache.poi.ss.usermodel.DifferentialStyleProvider;
import org.apache.poi.ss.usermodel.TableStyle;
import org.apache.poi.ss.usermodel.TableStyleType;
+import org.apache.poi.util.POILogFactory;
+import org.apache.poi.util.POILogger;
import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
@@ -39,6 +41,7 @@ import org.openxmlformats.schemas.spread
* Also used for built-in styles via dummy XML generated from presetTableStyles.xml.
*/
public class XSSFTableStyle implements TableStyle {
+ private static final POILogger logger = POILogFactory.getLogger(XSSFTableStyle.class);
private final String name;
private final int index;
@@ -76,8 +79,7 @@ public class XSSFTableStyle implements T
}
if (dxf != null) dxfList.add(dxf);
} catch (XmlException e) {
- // ignore
- e.printStackTrace();
+ logger.log(POILogger.WARN, "Error parsing XSSFTableStyle", e);
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org