680 try {
681 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING,
682 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING));
683 reader = spf.newSAXParser().getXMLReader();
684 // If this is a Xerces SAX parser, set the security manager if there is one
685 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) {
686 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
687 if (securityManager != null) {
688 try {
689 reader.setProperty(SECURITY_MANAGER, securityManager);
690 }
691 // Ignore the exception if the security manager cannot be set.
692 catch (SAXException exc) {}
693 }
694 try {
695 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager)
696 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER);
697 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
698 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD));
699 } catch (SAXException exc) {
700 System.err.println("Warning: " + reader.getClass().getName() + ": " +
701 exc.getMessage());
702 }
703 }
704 } catch( Exception e ) {
705 // this is impossible, but better safe than sorry
706 throw new FactoryConfigurationError(e);
707 }
708 }
709
710 // If XML names and Namespace URIs are already internalized we
711 // can avoid running them through the SymbolTable.
712 try {
713 fStringsInternalized = reader.getFeature(STRING_INTERNING);
714 }
715 catch (SAXException exc) {
716 // The feature isn't recognized or getting it is not supported.
717 // In either case, assume that strings are not internalized.
718 fStringsInternalized = false;
719 }
720
721 ErrorHandler errorHandler = fComponentManager.getErrorHandler();
|
680 try {
681 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING,
682 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING));
683 reader = spf.newSAXParser().getXMLReader();
684 // If this is a Xerces SAX parser, set the security manager if there is one
685 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) {
686 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
687 if (securityManager != null) {
688 try {
689 reader.setProperty(SECURITY_MANAGER, securityManager);
690 }
691 // Ignore the exception if the security manager cannot be set.
692 catch (SAXException exc) {}
693 }
694 try {
695 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager)
696 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER);
697 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD,
698 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD));
699 } catch (SAXException exc) {
700 XMLSecurityManager.printWarning(reader.getClass().getName(),
701 XMLConstants.ACCESS_EXTERNAL_DTD, exc);
702 }
703 }
704 } catch( Exception e ) {
705 // this is impossible, but better safe than sorry
706 throw new FactoryConfigurationError(e);
707 }
708 }
709
710 // If XML names and Namespace URIs are already internalized we
711 // can avoid running them through the SymbolTable.
712 try {
713 fStringsInternalized = reader.getFeature(STRING_INTERNING);
714 }
715 catch (SAXException exc) {
716 // The feature isn't recognized or getting it is not supported.
717 // In either case, assume that strings are not internalized.
718 fStringsInternalized = false;
719 }
720
721 ErrorHandler errorHandler = fComponentManager.getErrorHandler();
|