Repository: activemq-artemis Updated Branches: refs/heads/master 879f4a6bb -> 48d9951d8
ActiveMQ6-112 Add defaults to the selector parser doc builder Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/48d9951d Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/48d9951d Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/48d9951d Branch: refs/heads/master Commit: 48d9951d879e0c8cbb59d4b64ab59d53ef88310d Parents: 879f4a6 Author: Martyn Taylor <mtay...@redhat.com> Authored: Thu May 21 10:49:45 2015 +0100 Committer: Martyn Taylor <mtay...@redhat.com> Committed: Thu May 21 13:00:11 2015 +0100 ---------------------------------------------------------------------- .../selector/filter/XalanXPathEvaluator.java | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/48d9951d/artemis-selector/src/main/java/org/apache/activemq/artemis/selector/filter/XalanXPathEvaluator.java ---------------------------------------------------------------------- diff --git a/artemis-selector/src/main/java/org/apache/activemq/artemis/selector/filter/XalanXPathEvaluator.java b/artemis-selector/src/main/java/org/apache/activemq/artemis/selector/filter/XalanXPathEvaluator.java index 315773e..007f5ff 100644 --- a/artemis-selector/src/main/java/org/apache/activemq/artemis/selector/filter/XalanXPathEvaluator.java +++ b/artemis-selector/src/main/java/org/apache/activemq/artemis/selector/filter/XalanXPathEvaluator.java @@ -18,6 +18,7 @@ package org.apache.activemq.artemis.selector.filter; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; import java.io.StringReader; import org.apache.xpath.CachedXPathAPI; @@ -56,9 +57,7 @@ public class XalanXPathEvaluator implements XPathExpression.XPathEvaluator { try { - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - factory.setNamespaceAware(true); - DocumentBuilder dbuilder = factory.newDocumentBuilder(); + DocumentBuilder dbuilder = createDocumentBuilder(); Document doc = dbuilder.parse(inputSource); //An XPath expression could return a true or false value instead of a node. @@ -75,11 +74,22 @@ public class XalanXPathEvaluator implements XPathExpression.XPathEvaluator NodeIterator iterator = cachedXPathAPI.selectNodeIterator(doc, xpath); return (iterator.nextNode() != null); } - } catch (Throwable e) { return false; } } + + private DocumentBuilder createDocumentBuilder() throws ParserConfigurationException + { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + + factory.setFeature("http://xml.org/sax/features/external-general-entities";, false); + factory.setFeature("http://xml.org/sax/features/external-parameter-entities";, false); + factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl";, true); + + return factory.newDocumentBuilder(); + } }
