gw.xml.simple.SimpleXmlParser

public class SimpleXmlParser extends Object

Field Details
- _saxParser
  
  private static ThreadLocal<SAXParser> _saxParser
Constructor Details
- SimpleXmlParser
  
  private SimpleXmlParser()
Method Details
- parseFile
  
  public static SimpleXmlNode parseFile(File file)
- parseInputStream
  
  public static SimpleXmlNode parseInputStream(InputStream stream)
- parseString
  
  public static SimpleXmlNode parseString(String s)
- maybeWrapException
  
  private static RuntimeException maybeWrapException(Exception e)
- makeSAXParser
  
  private static SAXParser makeSAXParser() throws ParserConfigurationException, SAXException
  
  Throws:
  
  ParserConfigurationException
  
  SAXException
- disableExternalEntities
  
  private static void disableExternalEntities(SAXParserFactory factory) throws ParserConfigurationException, SAXNotRecognizedException, SAXNotSupportedException
  
  The purpose of this method is to prevent vulnerabilities related to XXE (XML external entity injection). Although the nature of XML parsing in this case is such that it is _not_ vulnerable, we configure the parser in this way to appease those who demand zero alarm results from static analysis tooling such as Veracode.
  
  Throws:
  
  ParserConfigurationException
  
  SAXNotRecognizedException
  
  SAXNotSupportedException

Class SimpleXmlParser

Field Summary