680 try { 681 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, 682 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING)); 683 reader = spf.newSAXParser().getXMLReader(); 684 // If this is a Xerces SAX parser, set the security manager if there is one 685 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) { 686 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER); 687 if (securityManager != null) { 688 try { 689 reader.setProperty(SECURITY_MANAGER, securityManager); 690 } 691 // Ignore the exception if the security manager cannot be set. 692 catch (SAXException exc) {} 693 } 694 try { 695 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager) 696 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER); 697 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, 698 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD)); 699 } catch (SAXException exc) { 700 System.err.println("Warning: " + reader.getClass().getName() + ": " + 701 exc.getMessage()); 702 } 703 } 704 } catch( Exception e ) { 705 // this is impossible, but better safe than sorry 706 throw new FactoryConfigurationError(e); 707 } 708 } 709 710 // If XML names and Namespace URIs are already internalized we 711 // can avoid running them through the SymbolTable. 712 try { 713 fStringsInternalized = reader.getFeature(STRING_INTERNING); 714 } 715 catch (SAXException exc) { 716 // The feature isn't recognized or getting it is not supported. 717 // In either case, assume that strings are not internalized. 718 fStringsInternalized = false; 719 } 720 721 ErrorHandler errorHandler = fComponentManager.getErrorHandler(); | 680 try { 681 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, 682 fComponentManager.getFeature(XMLConstants.FEATURE_SECURE_PROCESSING)); 683 reader = spf.newSAXParser().getXMLReader(); 684 // If this is a Xerces SAX parser, set the security manager if there is one 685 if (reader instanceof com.sun.org.apache.xerces.internal.parsers.SAXParser) { 686 XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER); 687 if (securityManager != null) { 688 try { 689 reader.setProperty(SECURITY_MANAGER, securityManager); 690 } 691 // Ignore the exception if the security manager cannot be set. 692 catch (SAXException exc) {} 693 } 694 try { 695 XMLSecurityPropertyManager spm = (XMLSecurityPropertyManager) 696 fComponentManager.getProperty(XML_SECURITY_PROPERTY_MANAGER); 697 reader.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, 698 spm.getValue(XMLSecurityPropertyManager.Property.ACCESS_EXTERNAL_DTD)); 699 } catch (SAXException exc) { 700 XMLSecurityManager.printWarning(reader.getClass().getName(), 701 XMLConstants.ACCESS_EXTERNAL_DTD, exc); 702 } 703 } 704 } catch( Exception e ) { 705 // this is impossible, but better safe than sorry 706 throw new FactoryConfigurationError(e); 707 } 708 } 709 710 // If XML names and Namespace URIs are already internalized we 711 // can avoid running them through the SymbolTable. 712 try { 713 fStringsInternalized = reader.getFeature(STRING_INTERNING); 714 } 715 catch (SAXException exc) { 716 // The feature isn't recognized or getting it is not supported. 717 // In either case, assume that strings are not internalized. 718 fStringsInternalized = false; 719 } 720 721 ErrorHandler errorHandler = fComponentManager.getErrorHandler(); |