Class XMLUtils


  • public class XMLUtils
    extends Object
    XML related utilities not otherwise found in base libraries
    Author:
    Andrea Aime - GeoSolutions
    • Constructor Summary

      Constructors 
      Constructor Description
      XMLUtils()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void checkSupportForJAXP15Properties()
      Tests whether the TransformerFactory and SchemaFactory implementations support JAXP 1.5 properties to protect against XML external entity injection (XXE) attacks.
      static QName qName​(String name, NamespaceSupport namespaces)
      Creates a qualified name from a string by parsing out the colon as the prefix / local separator.
      static String removeXMLInvalidChars​(String in)
      Checks the string for XML invalid chars, and in case any is found, create a copy with the invalid ones removed.
      • Methods inherited from class Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • XMLUtils

        public XMLUtils()
    • Method Detail

      • checkSupportForJAXP15Properties

        public static void checkSupportForJAXP15Properties()
        Tests whether the TransformerFactory and SchemaFactory implementations support JAXP 1.5 properties to protect against XML external entity injection (XXE) attacks. The internal JDK XML processors starting with JDK 7u40 would support these properties but outdated versions of XML libraries (e.g., Xalan, Xerces) that do not support these properties may be included in GeoServer's classpath or provided by the web application server. This method is intended to support using third-party libraries (e.g., Hazelcast) that use these properties internally.
        Throws:
        IllegalStateException - if the JAXP 1.5 properties are not supported or if there was an error checking for JAXP 1.5 support
      • removeXMLInvalidChars

        public static String removeXMLInvalidChars​(String in)
        Checks the string for XML invalid chars, and in case any is found, create a copy with the invalid ones removed.
      • qName

        public static QName qName​(String name,
                                  NamespaceSupport namespaces)
        Creates a qualified name from a string by parsing out the colon as the prefix / local separator.
        Parameters:
        name - The possibly qualified name.
        namespaces - The namespace prefix uri mappings.