| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| <?xml version="1.0"?> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
| <modelVersion>4.0.0</modelVersion> | ||
| <parent> | ||
| <groupId>org.apache.nifi</groupId> | ||
| <artifactId>nifi-commons</artifactId> | ||
| <version>1.17.0-SNAPSHOT</version> | ||
| </parent> | ||
| <artifactId>nifi-xml-processing</artifactId> | ||
| <version>1.17.0-SNAPSHOT</version> | ||
| <packaging>jar</packaging> | ||
| <build> | ||
| <plugins> | ||
| <plugin> | ||
| <groupId>com.github.spotbugs</groupId> | ||
| <artifactId>spotbugs-maven-plugin</artifactId> | ||
| <version>4.6.0.0</version> | ||
| <executions> | ||
| <execution> | ||
| <phase>package</phase> | ||
| <goals> | ||
| <goal>check</goal> | ||
| </goals> | ||
| </execution> | ||
| </executions> | ||
| <configuration> | ||
| <effort>Max</effort> | ||
| <threshold>low</threshold> | ||
| <failOnError>true</failOnError> | ||
| <plugins> | ||
| <plugin> | ||
| <groupId>com.h3xstream.findsecbugs</groupId> | ||
| <artifactId>findsecbugs-plugin</artifactId> | ||
| <version>1.12.0</version> | ||
| </plugin> | ||
| </plugins> | ||
| </configuration> | ||
| </plugin> | ||
| </plugins> | ||
| </build> | ||
| </project> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing; | ||
|
|
||
| /** | ||
| * General Exception for XML processing problems | ||
| */ | ||
| public class ProcessingException extends RuntimeException { | ||
| /** | ||
| * Processing Exception with message and cause for tracing | ||
| * | ||
| * @param message Error Message | ||
| * @param cause Throwable cause for tracing | ||
| */ | ||
| public ProcessingException(final String message, final Throwable cause) { | ||
| super(message, cause); | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing; | ||
|
|
||
| import javax.xml.XMLConstants; | ||
|
|
||
| /** | ||
| * XML Processing Features | ||
| */ | ||
| public enum ProcessingFeature { | ||
| /** Secure Processing */ | ||
| SECURE_PROCESSING(XMLConstants.FEATURE_SECURE_PROCESSING, true), | ||
|
|
||
| /** SAX Namespaces */ | ||
| SAX_NAMESPACES("http://xml.org/sax/features/namespaces", true), | ||
|
|
||
| /** SAX Namespace Prefixes */ | ||
| SAX_NAMESPACE_PREFIXES("http://xml.org/sax/features/namespace-prefixes", true), | ||
|
|
||
| /** Disallow Document Type Declaration */ | ||
| DISALLOW_DOCTYPE_DECL("http://apache.org/xml/features/disallow-doctype-decl", true); | ||
|
|
||
| private final String feature; | ||
|
|
||
| private final boolean enabled; | ||
|
|
||
| ProcessingFeature(final String feature, final boolean enabled) { | ||
| this.feature = feature; | ||
| this.enabled = enabled; | ||
| } | ||
|
|
||
| public String getFeature() { | ||
| return feature; | ||
| } | ||
|
|
||
| public boolean isEnabled() { | ||
| return enabled; | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.parsers; | ||
|
|
||
| import org.w3c.dom.Document; | ||
|
|
||
| import java.io.InputStream; | ||
|
|
||
| /** | ||
| * Provider for instances of Document Object Model | ||
| */ | ||
| public interface DocumentProvider { | ||
| /** | ||
| * Create new Document | ||
| * | ||
| * @return Document | ||
| */ | ||
| Document newDocument(); | ||
|
|
||
| /** | ||
| * Parse InputStream to Document | ||
| * | ||
| * @param inputStream InputStream to be parsed | ||
| * @return Document parsed from stream | ||
| */ | ||
| Document parse(InputStream inputStream); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,126 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.parsers; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ProcessingFeature; | ||
| import org.w3c.dom.Document; | ||
| import org.xml.sax.ErrorHandler; | ||
| import org.xml.sax.SAXException; | ||
|
|
||
| import javax.xml.XMLConstants; | ||
| import javax.xml.parsers.DocumentBuilder; | ||
| import javax.xml.parsers.DocumentBuilderFactory; | ||
| import javax.xml.parsers.ParserConfigurationException; | ||
| import javax.xml.validation.Schema; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * Standard implementation of Document Provider with secure processing enabled | ||
| */ | ||
| public class StandardDocumentProvider implements DocumentProvider { | ||
| private boolean namespaceAware; | ||
|
|
||
| private Schema schema; | ||
|
|
||
| private ErrorHandler errorHandler; | ||
|
|
||
| /** | ||
| * Set Error Handler | ||
| * | ||
| * @param errorHandler Error Handler | ||
| */ | ||
| public void setErrorHandler(final ErrorHandler errorHandler) { | ||
| this.errorHandler = errorHandler; | ||
| } | ||
|
|
||
| /** | ||
| * Set Namespace Aware status on DocumentBuilderFactory | ||
| * | ||
| * @param namespaceAware Namespace Awareness | ||
| */ | ||
| public void setNamespaceAware(final boolean namespaceAware) { | ||
| this.namespaceAware = namespaceAware; | ||
| } | ||
|
|
||
| /** | ||
| * Set Namespace Aware status on DocumentBuilderFactory | ||
| * | ||
| * @param schema Schema for validation or null to disable validation | ||
| */ | ||
| public void setSchema(final Schema schema) { | ||
| this.schema = schema; | ||
| } | ||
|
|
||
| @Override | ||
| public Document newDocument() { | ||
| final DocumentBuilderFactory documentBuilderFactory = getDocumentBuilderFactory(); | ||
|
|
||
| try { | ||
| documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, ProcessingFeature.SECURE_PROCESSING.isEnabled()); | ||
| documentBuilderFactory.setFeature(ProcessingFeature.DISALLOW_DOCTYPE_DECL.getFeature(), ProcessingFeature.DISALLOW_DOCTYPE_DECL.isEnabled()); | ||
|
|
||
| final DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); | ||
| documentBuilder.setErrorHandler(errorHandler); | ||
|
|
||
| return documentBuilder.newDocument(); | ||
| } catch (final ParserConfigurationException e) { | ||
| throw new ProcessingException("Configuration failed", e); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Build and return DocumentBuilder | ||
| * | ||
| * @return DocumentBuilder configured using provided properties | ||
| */ | ||
| @Override | ||
| public Document parse(final InputStream inputStream) { | ||
| Objects.requireNonNull(inputStream, "InputStream required"); | ||
| final DocumentBuilderFactory documentBuilderFactory = getDocumentBuilderFactory(); | ||
|
|
||
| try { | ||
| documentBuilderFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, ProcessingFeature.SECURE_PROCESSING.isEnabled()); | ||
| documentBuilderFactory.setFeature(ProcessingFeature.DISALLOW_DOCTYPE_DECL.getFeature(), isDisallowDocumentTypeDeclaration()); | ||
|
|
||
| final DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); | ||
| documentBuilder.setErrorHandler(errorHandler); | ||
|
|
||
| return documentBuilder.parse(inputStream); | ||
| } catch (final ParserConfigurationException|SAXException|IOException e) { | ||
| throw new ProcessingException("Parsing failed", e); | ||
| } | ||
| } | ||
|
|
||
| protected boolean isDisallowDocumentTypeDeclaration() { | ||
| return ProcessingFeature.DISALLOW_DOCTYPE_DECL.isEnabled(); | ||
| } | ||
|
|
||
| private DocumentBuilderFactory getDocumentBuilderFactory() { | ||
| final DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); | ||
|
|
||
| documentBuilderFactory.setSchema(schema); | ||
| documentBuilderFactory.setNamespaceAware(namespaceAware); | ||
|
|
||
| documentBuilderFactory.setXIncludeAware(false); | ||
| documentBuilderFactory.setExpandEntityReferences(false); | ||
|
|
||
| return documentBuilderFactory; | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.sax; | ||
|
|
||
| import org.xml.sax.ContentHandler; | ||
| import org.xml.sax.InputSource; | ||
|
|
||
| /** | ||
| * SAX Input Source Parser | ||
| */ | ||
| public interface InputSourceParser { | ||
| /** | ||
| * Parse Input Source using Content Handler | ||
| * | ||
| * @param inputSource Input Source to be parsed | ||
| * @param contentHandler Content Handler used during parsing | ||
| */ | ||
| void parse(InputSource inputSource, ContentHandler contentHandler); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.sax; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ProcessingFeature; | ||
| import org.xml.sax.ContentHandler; | ||
| import org.xml.sax.InputSource; | ||
| import org.xml.sax.SAXException; | ||
| import org.xml.sax.XMLReader; | ||
|
|
||
| import javax.xml.XMLConstants; | ||
| import javax.xml.parsers.ParserConfigurationException; | ||
| import javax.xml.parsers.SAXParser; | ||
| import javax.xml.parsers.SAXParserFactory; | ||
| import java.io.IOException; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * Standard implementation of Input Source Parser with secure processing enabled | ||
| */ | ||
| public class StandardInputSourceParser implements InputSourceParser { | ||
| private boolean namespaceAware; | ||
|
|
||
| /** | ||
| * Set Namespace Aware status on SAXParserFactory | ||
| * | ||
| * @param namespaceAware Namespace Aware status | ||
| */ | ||
| public void setNamespaceAware(final boolean namespaceAware) { | ||
| this.namespaceAware = namespaceAware; | ||
| } | ||
|
|
||
| /** | ||
| * Parse Input Source using Content Handler | ||
| * | ||
| * @param inputSource Input Source to be parsed | ||
| * @param contentHandler Content Handler used during parsing | ||
| */ | ||
| @Override | ||
| public void parse(final InputSource inputSource, final ContentHandler contentHandler) { | ||
| Objects.requireNonNull(inputSource, "InputSource required"); | ||
| Objects.requireNonNull(contentHandler, "ContentHandler required"); | ||
|
|
||
| try { | ||
| parseInputSource(inputSource, contentHandler); | ||
| } catch (final ParserConfigurationException|SAXException e) { | ||
| throw new ProcessingException("Parsing failed", e); | ||
| } | ||
| } | ||
|
|
||
| private void parseInputSource(final InputSource inputSource, final ContentHandler contentHandler) throws ParserConfigurationException, SAXException { | ||
| final SAXParserFactory saxParserFactory = SAXParserFactory.newInstance(); | ||
| saxParserFactory.setNamespaceAware(namespaceAware); | ||
| saxParserFactory.setXIncludeAware(false); | ||
|
|
||
| saxParserFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, ProcessingFeature.SECURE_PROCESSING.isEnabled()); | ||
| saxParserFactory.setFeature(ProcessingFeature.DISALLOW_DOCTYPE_DECL.getFeature(), ProcessingFeature.DISALLOW_DOCTYPE_DECL.isEnabled()); | ||
|
|
||
| if (namespaceAware) { | ||
| saxParserFactory.setFeature(ProcessingFeature.SAX_NAMESPACES.getFeature(), ProcessingFeature.SAX_NAMESPACES.isEnabled()); | ||
| saxParserFactory.setFeature(ProcessingFeature.SAX_NAMESPACE_PREFIXES.getFeature(), ProcessingFeature.SAX_NAMESPACE_PREFIXES.isEnabled()); | ||
| } | ||
|
|
||
| final SAXParser parser = saxParserFactory.newSAXParser(); | ||
|
|
||
| final XMLReader reader = parser.getXMLReader(); | ||
| reader.setContentHandler(contentHandler); | ||
|
|
||
| try { | ||
| reader.parse(inputSource); | ||
| } catch (final IOException e) { | ||
| throw new ProcessingException("Parsing failed", e); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
|
|
||
| import javax.xml.stream.XMLEventReader; | ||
| import javax.xml.stream.XMLInputFactory; | ||
| import javax.xml.stream.XMLStreamException; | ||
| import javax.xml.transform.stream.StreamSource; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * Standard implementation of XMLStreamReader provider with secure processing enabled | ||
| */ | ||
| public class StandardXMLEventReaderProvider implements XMLEventReaderProvider { | ||
| /** | ||
| * Get XML Event Reader | ||
| * | ||
| * @param streamSource Stream Source for Reader | ||
| * @return Configured XML Event Reader | ||
| */ | ||
| @Override | ||
| public XMLEventReader getEventReader(final StreamSource streamSource) { | ||
| Objects.requireNonNull(streamSource, "StreamSource required"); | ||
|
|
||
| final XMLInputFactory inputFactory = XMLInputFactory.newFactory(); | ||
| inputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false); | ||
| inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false); | ||
|
|
||
| try { | ||
| return inputFactory.createXMLEventReader(streamSource); | ||
| } catch (final XMLStreamException e) { | ||
| throw new ProcessingException("Reader creation failed", e); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
|
|
||
| import javax.xml.stream.XMLInputFactory; | ||
| import javax.xml.stream.XMLStreamException; | ||
| import javax.xml.stream.XMLStreamReader; | ||
| import javax.xml.transform.stream.StreamSource; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * Standard implementation of XMLStreamReader provider with secure processing enabled | ||
| */ | ||
| public class StandardXMLStreamReaderProvider implements XMLStreamReaderProvider { | ||
| /** | ||
| * Get XML Stream Reader with external entities disabled | ||
| * | ||
| * @param streamSource Stream Source for Reader | ||
| * @return Configured XML Stream Reader | ||
| */ | ||
| @Override | ||
| public XMLStreamReader getStreamReader(final StreamSource streamSource) { | ||
| Objects.requireNonNull(streamSource, "StreamSource required"); | ||
|
|
||
| final XMLInputFactory inputFactory = XMLInputFactory.newFactory(); | ||
| inputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false); | ||
| inputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false); | ||
|
|
||
| try { | ||
| return inputFactory.createXMLStreamReader(streamSource); | ||
| } catch (final XMLStreamException e) { | ||
| throw new ProcessingException("Reader creation failed", e); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import javax.xml.stream.XMLEventReader; | ||
| import javax.xml.transform.stream.StreamSource; | ||
|
|
||
| /** | ||
| * Provider for instances of XMLEventReader | ||
| */ | ||
| public interface XMLEventReaderProvider { | ||
| /** | ||
| * Get XML Event Reader | ||
| * | ||
| * @param streamSource Stream Source for Reader | ||
| * @return Configured XML Event Reader | ||
| */ | ||
| XMLEventReader getEventReader(StreamSource streamSource); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import javax.xml.stream.XMLStreamReader; | ||
| import javax.xml.transform.stream.StreamSource; | ||
|
|
||
| /** | ||
| * Provider for instances of XMLStreamReader | ||
| */ | ||
| public interface XMLStreamReaderProvider { | ||
| /** | ||
| * Get XML Stream Reader | ||
| * | ||
| * @param streamSource Stream Source for Reader | ||
| * @return Configured XML Stream Reader | ||
| */ | ||
| XMLStreamReader getStreamReader(StreamSource streamSource); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.validation; | ||
|
|
||
| import javax.xml.transform.Source; | ||
| import javax.xml.validation.Schema; | ||
|
|
||
| /** | ||
| * XML Schema Validator | ||
| */ | ||
| public interface SchemaValidator { | ||
| /** | ||
| * Validate Source using Schema | ||
| * | ||
| * @param schema Schema source for Validator | ||
| * @param source Source to be validated | ||
| */ | ||
| void validate(Schema schema, Source source); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.validation; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ProcessingFeature; | ||
| import org.xml.sax.SAXException; | ||
|
|
||
| import javax.xml.XMLConstants; | ||
| import javax.xml.transform.Source; | ||
| import javax.xml.validation.Schema; | ||
| import javax.xml.validation.Validator; | ||
| import java.io.IOException; | ||
| import java.util.Objects; | ||
|
|
||
| /** | ||
| * Standard implementation of XML Schema Validator with secure processing enabled | ||
| */ | ||
| public class StandardSchemaValidator implements SchemaValidator { | ||
| /** | ||
| * Validate Source using Schema | ||
| * | ||
| * @param schema Schema source for Validator | ||
| * @param source Source to be validated | ||
| */ | ||
| @Override | ||
| public void validate(final Schema schema, final Source source) { | ||
| Objects.requireNonNull(schema, "Schema required"); | ||
| Objects.requireNonNull(source, "Source required"); | ||
|
|
||
| final Validator validator = schema.newValidator(); | ||
|
|
||
| try { | ||
| validator.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, ProcessingFeature.SECURE_PROCESSING.isEnabled()); | ||
| } catch (final SAXException e) { | ||
| throw new ProcessingException("Validator configuration failed", e); | ||
| } | ||
|
|
||
| try { | ||
| validator.validate(source); | ||
| } catch (final SAXException|IOException e) { | ||
| throw new ProcessingException("Validation failed", e); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing; | ||
|
|
||
| import java.io.InputStream; | ||
|
|
||
| public class ResourceProvider { | ||
| private static final String STANDARD_DOCUMENT_DOCTYPE_ENTITY = "/standard-document-doctype-entity.xml"; | ||
|
|
||
| private static final String STANDARD_DOCUMENT_DOCTYPE = "/standard-document-doctype.xml"; | ||
|
|
||
| private static final String STANDARD_DOCUMENT = "/standard-document.xml"; | ||
|
|
||
| private static final String STANDARD_NAMESPACE_DOCUMENT = "/standard-namespace-document.xml"; | ||
|
|
||
| private static final String STANDARD_NAMESPACE_DOCUMENT_DOCTYPE_ENTITY = "/standard-namespace-document-doctype-entity.xml"; | ||
|
|
||
| private static final String STANDARD_SCHEMA = "/standard-schema.xsd"; | ||
|
|
||
| public static InputStream getStandardDocument() { | ||
| return getResource(STANDARD_DOCUMENT); | ||
| } | ||
|
|
||
| public static InputStream getStandardDocumentDocTypeEntity() { | ||
| return getResource(STANDARD_DOCUMENT_DOCTYPE_ENTITY); | ||
| } | ||
|
|
||
| public static InputStream getStandardDocumentDocType() { | ||
| return getResource(STANDARD_DOCUMENT_DOCTYPE); | ||
| } | ||
|
|
||
| public static InputStream getStandardNamespaceDocument() { | ||
| return getResource(STANDARD_NAMESPACE_DOCUMENT); | ||
| } | ||
|
|
||
| public static InputStream getStandardNamespaceDocumentDocTypeEntity() { | ||
| return getResource(STANDARD_NAMESPACE_DOCUMENT_DOCTYPE_ENTITY); | ||
| } | ||
|
|
||
| public static InputStream getStandardSchema() { | ||
| return getResource(STANDARD_SCHEMA); | ||
| } | ||
|
|
||
| private static InputStream getResource(final String path) { | ||
| final InputStream resource = ResourceProvider.class.getResourceAsStream(path); | ||
| if (resource == null) { | ||
| throw new IllegalStateException(String.format("Resource [%s] not found", path)); | ||
| } | ||
| return resource; | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.parsers; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ResourceProvider; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.junit.jupiter.api.extension.ExtendWith; | ||
| import org.mockito.Mock; | ||
| import org.mockito.junit.jupiter.MockitoExtension; | ||
| import org.w3c.dom.Document; | ||
| import org.xml.sax.ErrorHandler; | ||
| import org.xml.sax.SAXParseException; | ||
|
|
||
| import javax.xml.validation.Schema; | ||
| import javax.xml.validation.ValidatorHandler; | ||
|
|
||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
|
|
||
| import static org.junit.jupiter.api.Assertions.assertInstanceOf; | ||
| import static org.junit.jupiter.api.Assertions.assertNotNull; | ||
| import static org.junit.jupiter.api.Assertions.assertThrows; | ||
| import static org.mockito.Mockito.when; | ||
|
|
||
| @ExtendWith(MockitoExtension.class) | ||
| class StandardDocumentProviderTest { | ||
| @Mock | ||
| Schema schema; | ||
|
|
||
| @Mock | ||
| ValidatorHandler validatorHandler; | ||
|
|
||
| @Mock | ||
| ErrorHandler errorHandler; | ||
|
|
||
| @Test | ||
| void testNewDocument() { | ||
| final StandardDocumentProvider provider = new StandardDocumentProvider(); | ||
|
|
||
| final Document document = provider.newDocument(); | ||
|
|
||
| assertNotNull(document); | ||
| } | ||
|
|
||
| @Test | ||
| void testParseStandard() throws IOException { | ||
| final StandardDocumentProvider provider = new StandardDocumentProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocument()) { | ||
| final Document document = provider.parse(inputStream); | ||
| assertNotNull(document); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testParseDocumentTypeDeclarationException() throws IOException { | ||
| final StandardDocumentProvider provider = new StandardDocumentProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocType()) { | ||
| assertParsingException(inputStream, provider); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testParseExternalEntityException() throws IOException { | ||
| final StandardDocumentProvider provider = new StandardDocumentProvider(); | ||
|
|
||
| assertParsingException(provider); | ||
| } | ||
|
|
||
| @Test | ||
| void testParseNamespaceAwareSchemaConfiguredExternalEntityException() throws IOException { | ||
| when(schema.newValidatorHandler()).thenReturn(validatorHandler); | ||
|
|
||
| final StandardDocumentProvider provider = new StandardDocumentProvider(); | ||
| provider.setNamespaceAware(true); | ||
| provider.setSchema(schema); | ||
| provider.setErrorHandler(errorHandler); | ||
|
|
||
| assertParsingException(provider); | ||
| } | ||
|
|
||
| private void assertParsingException(final StandardDocumentProvider provider) throws IOException { | ||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocTypeEntity()) { | ||
| assertParsingException(inputStream, provider); | ||
| } | ||
| } | ||
|
|
||
| private void assertParsingException(final InputStream inputStream, final StandardDocumentProvider provider) { | ||
| final ProcessingException processingException = assertThrows(ProcessingException.class, () -> provider.parse(inputStream)); | ||
| assertInstanceOf(SAXParseException.class, processingException.getCause()); | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.sax; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ResourceProvider; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.junit.jupiter.api.extension.ExtendWith; | ||
| import org.mockito.Mock; | ||
| import org.mockito.junit.jupiter.MockitoExtension; | ||
| import org.xml.sax.ContentHandler; | ||
| import org.xml.sax.InputSource; | ||
| import org.xml.sax.SAXParseException; | ||
| import org.xml.sax.helpers.DefaultHandler; | ||
|
|
||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
|
|
||
| import static org.junit.jupiter.api.Assertions.assertInstanceOf; | ||
| import static org.junit.jupiter.api.Assertions.assertThrows; | ||
|
|
||
| @ExtendWith(MockitoExtension.class) | ||
| public class StandardInputSourceParserTest { | ||
| @Mock | ||
| ContentHandler contentHandler; | ||
|
|
||
| @Test | ||
| void testParseStandard() throws IOException { | ||
| final StandardInputSourceParser parser = new StandardInputSourceParser(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocument()) { | ||
| parser.parse(new InputSource(inputStream), contentHandler); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testParseDocumentTypeDeclarationException() throws IOException { | ||
| final StandardInputSourceParser parser = new StandardInputSourceParser(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocType()) { | ||
| assertParsingException(inputStream, parser); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testParseExternalEntityException() throws IOException { | ||
| final StandardInputSourceParser parser = new StandardInputSourceParser(); | ||
|
|
||
| assertParsingException(parser); | ||
| } | ||
|
|
||
| @Test | ||
| void testParseNamespaceAwareExternalEntityException() throws IOException { | ||
| final StandardInputSourceParser parser = new StandardInputSourceParser(); | ||
|
|
||
| parser.setNamespaceAware(true); | ||
|
|
||
| assertParsingException(parser); | ||
| } | ||
|
|
||
| private void assertParsingException(final StandardInputSourceParser parser) throws IOException { | ||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocTypeEntity()) { | ||
| assertParsingException(inputStream, parser); | ||
| } | ||
| } | ||
|
|
||
| private void assertParsingException(final InputStream inputStream, final StandardInputSourceParser parser) { | ||
| final ProcessingException processingException = assertThrows(ProcessingException.class, () -> parser.parse(new InputSource(inputStream), new DefaultHandler())); | ||
| assertInstanceOf(SAXParseException.class, processingException.getCause()); | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import org.apache.nifi.xml.processing.ResourceProvider; | ||
| import org.junit.jupiter.api.Test; | ||
|
|
||
| import javax.xml.stream.XMLEventReader; | ||
| import javax.xml.stream.XMLStreamException; | ||
| import javax.xml.transform.stream.StreamSource; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
|
|
||
| import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; | ||
| import static org.junit.jupiter.api.Assertions.assertThrows; | ||
|
|
||
| public class StandardXMLEventReaderProviderTest { | ||
| @Test | ||
| void testGetEventReaderStandard() throws IOException, XMLStreamException { | ||
| final StandardXMLEventReaderProvider provider = new StandardXMLEventReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocument()) { | ||
| final XMLEventReader reader = provider.getEventReader(new StreamSource(inputStream)); | ||
| processReader(reader); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testGetEventReaderStandardDocumentTypeDeclaration() throws IOException { | ||
| final StandardXMLEventReaderProvider provider = new StandardXMLEventReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocType()) { | ||
| final XMLEventReader reader = provider.getEventReader(new StreamSource(inputStream)); | ||
| assertDoesNotThrow(() -> processReader(reader)); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testGetEventReaderStandardExternalEntityException() throws IOException { | ||
| final StandardXMLEventReaderProvider provider = new StandardXMLEventReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocTypeEntity()) { | ||
| final XMLEventReader reader = provider.getEventReader(new StreamSource(inputStream)); | ||
| assertThrows(XMLStreamException.class, () -> processReader(reader)); | ||
| } | ||
| } | ||
|
|
||
| private void processReader(final XMLEventReader reader) throws XMLStreamException { | ||
| while (reader.hasNext()) { | ||
| reader.nextEvent(); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.stream; | ||
|
|
||
| import org.apache.nifi.xml.processing.ResourceProvider; | ||
| import org.junit.jupiter.api.Test; | ||
|
|
||
| import javax.xml.stream.XMLStreamException; | ||
| import javax.xml.stream.XMLStreamReader; | ||
| import javax.xml.transform.stream.StreamSource; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
|
|
||
| import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; | ||
| import static org.junit.jupiter.api.Assertions.assertThrows; | ||
|
|
||
| public class StandardXMLStreamReaderProviderTest { | ||
| @Test | ||
| void testGetStreamReaderStandard() throws IOException, XMLStreamException { | ||
| final StandardXMLStreamReaderProvider provider = new StandardXMLStreamReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocument()) { | ||
| final XMLStreamReader reader = provider.getStreamReader(new StreamSource(inputStream)); | ||
| processReader(reader); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testGetStreamReaderStandardDocumentTypeDeclaration() throws IOException { | ||
| final StandardXMLStreamReaderProvider provider = new StandardXMLStreamReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocType()) { | ||
| final XMLStreamReader reader = provider.getStreamReader(new StreamSource(inputStream)); | ||
| assertDoesNotThrow(() -> processReader(reader)); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testGetStreamReaderStandardExternalEntityException() throws IOException { | ||
| final StandardXMLStreamReaderProvider provider = new StandardXMLStreamReaderProvider(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardDocumentDocTypeEntity()) { | ||
| final XMLStreamReader reader = provider.getStreamReader(new StreamSource(inputStream)); | ||
| assertThrows(XMLStreamException.class, () -> processReader(reader)); | ||
| } | ||
| } | ||
|
|
||
| private void processReader(final XMLStreamReader reader) throws XMLStreamException { | ||
| while (reader.hasNext()) { | ||
| reader.next(); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more | ||
| * contributor license agreements. See the NOTICE file distributed with | ||
| * this work for additional information regarding copyright ownership. | ||
| * The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| * (the "License"); you may not use this file except in compliance with | ||
| * the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
| package org.apache.nifi.xml.processing.validation; | ||
|
|
||
| import org.apache.nifi.xml.processing.ProcessingException; | ||
| import org.apache.nifi.xml.processing.ResourceProvider; | ||
| import org.junit.jupiter.api.Test; | ||
| import org.xml.sax.SAXException; | ||
|
|
||
| import javax.xml.transform.stream.StreamSource; | ||
| import javax.xml.validation.Schema; | ||
| import javax.xml.validation.SchemaFactory; | ||
|
|
||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
|
|
||
| import static org.junit.jupiter.api.Assertions.assertInstanceOf; | ||
| import static org.junit.jupiter.api.Assertions.assertThrows; | ||
|
|
||
| public class StandardSchemaValidatorTest { | ||
| private static final String SCHEMA_LANGUAGE = "http://www.w3.org/2001/XMLSchema"; | ||
|
|
||
| @Test | ||
| void testValidate() throws SAXException, IOException { | ||
| final SchemaFactory schemaFactory = SchemaFactory.newInstance(SCHEMA_LANGUAGE); | ||
| final Schema schema; | ||
| try (final InputStream inputStream = ResourceProvider.getStandardSchema()) { | ||
| schema = schemaFactory.newSchema(new StreamSource(inputStream)); | ||
| } | ||
|
|
||
| final StandardSchemaValidator validator = new StandardSchemaValidator(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardNamespaceDocument()) { | ||
| validator.validate(schema, new StreamSource(inputStream)); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| void testValidateExternalEntityException() throws SAXException, IOException { | ||
| final SchemaFactory schemaFactory = SchemaFactory.newInstance(SCHEMA_LANGUAGE); | ||
| final Schema schema; | ||
| try (final InputStream inputStream = ResourceProvider.getStandardSchema()) { | ||
| schema = schemaFactory.newSchema(new StreamSource(inputStream)); | ||
| } | ||
|
|
||
| final StandardSchemaValidator validator = new StandardSchemaValidator(); | ||
|
|
||
| try (final InputStream inputStream = ResourceProvider.getStandardNamespaceDocumentDocTypeEntity()) { | ||
| final ProcessingException exception = assertThrows(ProcessingException.class, () -> validator.validate(schema, new StreamSource(inputStream))); | ||
| final Throwable cause = exception.getCause(); | ||
| assertInstanceOf(SAXException.class, cause); | ||
| } | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?><!DOCTYPE standard [<!ENTITY entity SYSTEM 'file:///file-not-found'> %entity;]> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <standard>&entity;</standard> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?><!DOCTYPE standard> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <standard /> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <standard /> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?><!DOCTYPE standard [<!ENTITY entity SYSTEM 'file:///file-not-found'> %entity;]> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <standard xmlns="urn:standard">&entity;</standard> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?xml version="1.0" encoding="UTF-8" standalone="yes"?> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <standard xmlns="urn:standard" /> |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| <?xml version="1.0" encoding="UTF-8" ?> | ||
| <!-- | ||
| Licensed to the Apache Software Foundation (ASF) under one or more | ||
| contributor license agreements. See the NOTICE file distributed with | ||
| this work for additional information regarding copyright ownership. | ||
| The ASF licenses this file to You under the Apache License, Version 2.0 | ||
| (the "License"); you may not use this file except in compliance with | ||
| the License. You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| --> | ||
| <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:standard"> | ||
| <xs:element name="standard" /> | ||
| </xs:schema> |