Class XmlUtils

java.lang.Object
org.owasp.dependencycheck.utils.XmlUtils
public final class XmlUtils extends Object
Collection of XML related code.
Version:
$Id: $Id
Author:
Jeremy Long

  • Field Details

  • Method Details

    • buildSecureValidatingXmlReader

      public static XMLReader buildSecureValidatingXmlReader(AutoCloseableInputSource... schemas) throws ParserConfigurationException, SAXException
      Constructs a validating secure SAX XMLReader that can validate against schemas maintained locally.
      Parameters:
      schemas - One or more schemas with the schema(s) that the parser should be able to validate the XML against, one InputSource per schema
      Returns:
      a validating SAX-based XML reader; pre-configured to validate against the locally passed schemas
      Throws:
      ParserConfigurationException - is thrown if there is a parser configuration exception
      SAXException - is thrown if there is an issue setting SAX features on the parser; or creating the parser

    • buildSecureXmlReader

      public static XMLReader buildSecureXmlReader() throws ParserConfigurationException, SAXException
      Constructs a non-validating secure SAX XMLReader.
      Returns:
      a non-validating SAX-based XML reader
      Throws:
      ParserConfigurationException - is thrown if there is a parser configuration exception
      SAXException - is thrown if there is an issue setting SAX features on the parser; or creating the parser

    • parseBoolean

      public static boolean parseBoolean(String lexicalXSDBoolean)
      Converts an attribute value representing an xsd:boolean value to a boolean using the rules as stated in the XML specification.
      Parameters:
      lexicalXSDBoolean - The string-value of the boolean
      Returns:
      the boolean value represented by lexicalXSDBoolean
      Throws:
      IllegalArgumentException - When lexicalXSDBoolean does fit the lexical space of the XSD boolean datatype

    • buildSecureSaxParser

      public static SAXParser buildSecureSaxParser() throws ParserConfigurationException, SAXException
      Constructs a secure non-validating SAX Parser.
      Returns:
      a SAX Parser
      Throws:
      ParserConfigurationException - is thrown if there is a parser configuration exception
      SAXException - is thrown if there is an issue setting SAX features on the parser; or creating the parser

    • buildSecureDocumentBuilder

      public static DocumentBuilder buildSecureDocumentBuilder() throws ParserConfigurationException
      Constructs a new document builder with security features enabled.
      Returns:
      a new document builder
      Throws:
      ParserConfigurationException - thrown if there is a parser configuration exception

    • getPrettyParseExceptionInfo

      public static String getPrettyParseExceptionInfo(SAXParseException ex)
      Builds a prettier exception message.
      Parameters:
      ex - the SAXParseException
      Returns:
      an easier to read exception message