org.apache.solr.util
public final class EmptyEntityResolver extends Object
This class also provides static methods to configure SAX and StAX parsers to be safe.
Parsers will get an empty, closed stream for every external entity, so they will not fail while parsing (unless the external entity is needed for processing!).
Modifier and Type | Field and Description |
---|---|
static EntityResolver |
SAX_INSTANCE |
static XMLResolver |
STAX_INSTANCE |
Modifier and Type | Method and Description |
---|---|
static void |
configureSAXParserFactory(SAXParserFactory saxFactory)
Configures the given
SAXParserFactory to do secure XML processing of untrusted sources. |
static void |
configureXMLInputFactory(XMLInputFactory inputFactory)
Configures the given
XMLInputFactory to not parse external entities. |
public static final EntityResolver SAX_INSTANCE
public static final XMLResolver STAX_INSTANCE
public static void configureSAXParserFactory(SAXParserFactory saxFactory)
SAXParserFactory
to do secure XML processing of untrusted sources.
It is required to also set SAX_INSTANCE
on the created XMLReader
.SAX_INSTANCE
public static void configureXMLInputFactory(XMLInputFactory inputFactory)
XMLInputFactory
to not parse external entities.
No further configuration on is needed, all required entity resolvers are configured.Copyright © 2000-2014 Apache Software Foundation. All Rights Reserved.