Hi all, If the web.xml containing fully qualified URL, jetty by default tries to resolve it, even if validation is set to false. <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";>
This prevents local jetty for staring programatically if the machine is not connected to the internet, or is behind a proxy server. The relevant code in org.eclipse.jetty.xml.XmlParser There are few ways to disable that, either by: 1- Adding feature http://apache.org/xml/features/nonvalidating/load-external-dtd in XmlParser._parser.getXMLReader() 2- Override XmlParser.resolveEntity() to return empty InputSource. 3- Possibility to create new XmlParser from WebDescriptor. However, those options are not possible with the current jetty code, and we ended up overriding protected WebDescriptor._parserSingleton. Is there a possibility to have a configuration parameter for disabling entity resolution? Below are related code snippets Thanks,Ahmed -----------------------------------Minimal test case that shows the error, run this from a machine without internet connection or it is behind a proxy. XmlParser parser = new XmlParser(false); // to have <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd";> parser.parse(new File("web.xml")); ----------------------------------- Nasty workaround: final Field field = WebDescriptor.class.getDeclaredField("_parserSingleton"); field.setAccessible(true); field.set(null, new XmlParser(false) { @Override protected InputSource resolveEntity(final String pid, final String sid) { return new InputSource(new StringReader("")); } });-----------------------------------
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
