Package com.itextpdf.kernel.utils

Class DefaultSafeXmlParserFactory

java.lang.Object

com.itextpdf.kernel.utils.DefaultSafeXmlParserFactory

All Implemented Interfaces:

IXmlParserFactory

 public class DefaultSafeXmlParserFactory extends Object implements IXmlParserFactory 
      

Implementation of IXmlParserFactory for creating safe xml parser objects. Creates parsers with configuration to prevent XML bombs and XXE attacks.

Constructor Summary

Constructors

Constructor	Description
DefaultSafeXmlParserFactory()	Creates instance of DefaultSafeXmlParserFactory.

Method Summary

Modifier and Type	Method	Description
protected void	configureSafeDocumentBuilderFactory(DocumentBuilderFactory factory)	Configures document builder factory to make it secure against xml attacks.
protected void	configureSafeSAXParserFactory(SAXParserFactory factory)	Configures SAX parser factory to make it secure against xml attacks.
protected DocumentBuilderFactory	createDocumentBuilderFactory()	Creates a document builder factory implementation.
DocumentBuilder	createDocumentBuilderInstance(boolean namespaceAware, boolean ignoringComments)	Creates the instance of the DocumentBuilder.
protected SAXParserFactory	createSAXParserFactory()	Creates a SAX parser factory implementation.
XMLReader	createXMLReaderInstance(boolean namespaceAware, boolean validating)	Creates the instance of the XMLReader.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultSafeXmlParserFactory

 public DefaultSafeXmlParserFactory() 
            

Creates instance of DefaultSafeXmlParserFactory.

Method Details

createDocumentBuilderInstance

 public DocumentBuilder createDocumentBuilderInstance 
             (boolean namespaceAware, boolean ignoringComments) 
            

Description copied from interface: IXmlParserFactory

Creates the instance of the DocumentBuilder.

Specified by:

createDocumentBuilderInstance in interface IXmlParserFactory

Parameters:

namespaceAware - specifies whether the parser should be namespace aware

ignoringComments - specifies whether the parser should ignore comments

Returns:

instance of the DocumentBuilder

createXMLReaderInstance

 public XMLReader createXMLReaderInstance 
             (boolean namespaceAware, boolean validating) 
            

Description copied from interface: IXmlParserFactory

Creates the instance of the XMLReader.

Specified by:

createXMLReaderInstance in interface IXmlParserFactory

Parameters:

namespaceAware - specifies whether the parser should be namespace aware

validating - specifies whether the parser should validate documents as they are parsed

Returns:

instance of the XMLReader

createDocumentBuilderFactory

 protected DocumentBuilderFactory createDocumentBuilderFactory() 
            

Creates a document builder factory implementation.

Returns:

result of DocumentBuilderFactory.newInstance() call

createSAXParserFactory

 protected SAXParserFactory createSAXParserFactory() 
            

Creates a SAX parser factory implementation.

Returns:

result of SAXParserFactory.newInstance() call

configureSafeDocumentBuilderFactory

 protected void configureSafeDocumentBuilderFactory 
             (DocumentBuilderFactory factory) 
            

Configures document builder factory to make it secure against xml attacks.

Parameters:

factory - DocumentBuilderFactory instance to be configured

configureSafeSAXParserFactory

 protected void configureSafeSAXParserFactory 
             (SAXParserFactory factory) 
            

Configures SAX parser factory to make it secure against xml attacks.

Parameters:

factory - SAXParserFactory instance to be configured