Skip to content

Commit

Permalink
CAMEL-12444: Improved DTD handling in validator component.
Browse files Browse the repository at this point in the history
  • Loading branch information
davsclaus committed Apr 16, 2018
1 parent b4c0fbb commit 8467d64
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,7 @@ protected SchemaFactory createSchemaFactory() {
}
if (camelContext == null || !Boolean.parseBoolean(camelContext.getGlobalOptions().get(ACCESS_EXTERNAL_DTD))) {
try {
LOG.debug("Configuring SchemaFactory to not allow access to external DTD/Schema");
factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
} catch (SAXException e) {
LOG.warn(e.getMessage(), e);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
import java.net.URL;
import java.util.Collections;

import javax.xml.XMLConstants;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Result;
import javax.xml.transform.Source;
Expand Down Expand Up @@ -53,6 +54,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import static org.apache.camel.processor.validation.SchemaReader.ACCESS_EXTERNAL_DTD;

/**
* A processor which validates the XML version of the inbound message body
* against some schema either in XSD or RelaxNG
Expand Down Expand Up @@ -100,6 +103,16 @@ protected void doProcess(Exchange exchange) throws Exception {
}

Validator validator = schema.newValidator();
// turn off access to external schema by default
if (!Boolean.parseBoolean(exchange.getContext().getGlobalOptions().get(ACCESS_EXTERNAL_DTD))) {
try {
LOG.debug("Configuring Validator to not allow access to external DTD/Schema");
validator.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
validator.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
} catch (SAXException e) {
LOG.warn(e.getMessage(), e);
}
}

// the underlying input stream, which we need to close to avoid locking files or other resources
Source source = null;
Expand Down

0 comments on commit 8467d64

Please # to comment.