cxf git commit: [CXF-6766] Optionally disabling the secure processing in XSLTJaxbProvider, patch from Vjacheslav Borisov applied

Wed, 03 Feb 2016 02:29:29 -0800 

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 6649ac50a -> 6388665b1


[CXF-6766] Optionally disabling the secure processing in XSLTJaxbProvider, 
patch from Vjacheslav Borisov applied


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6388665b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6388665b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6388665b

Branch: refs/heads/3.0.x-fixes
Commit: 6388665b1d188fed9cdde88432bdce8d5277ef4a
Parents: 6649ac5
Author: Sergey Beryozkin <[email protected]>
Authored: Wed Feb 3 10:25:55 2016 +0000
Committer: Sergey Beryozkin <[email protected]>
Committed: Wed Feb 3 10:27:54 2016 +0000

----------------------------------------------------------------------
 .../java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/6388665b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java
----------------------------------------------------------------------
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java
index bf1e13e..f846aa1 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/XSLTJaxbProvider.java
@@ -108,6 +108,7 @@ public class XSLTJaxbProvider<T> extends 
JAXBElementProvider<T> {
     
     private boolean supportJaxbOnly;
     private boolean refreshTemplates;
+    private boolean secureProcessing = true;
     
     public void setSupportJaxbOnly(boolean support) {
         this.supportJaxbOnly = support;
@@ -520,7 +521,7 @@ public class XSLTJaxbProvider<T> extends 
JAXBElementProvider<T> {
             source.setSystemId(urlStream.toExternalForm());
             if (factory == null) {
                 factory = 
(SAXTransformerFactory)TransformerFactory.newInstance();
-                factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, 
Boolean.TRUE);
+                factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, 
secureProcessing);
                 if (uriResolver != null) {
                     factory.setURIResolver(uriResolver);
                 }
@@ -537,6 +538,10 @@ public class XSLTJaxbProvider<T> extends 
JAXBElementProvider<T> {
         this.refreshTemplates = refresh;
     }
 
+    public void setSecureProcessing(boolean secureProcessing) {
+        this.secureProcessing = secureProcessing;
+    }
+
     private static class TemplatesImpl implements Templates {
 
         private Templates templates;

Reply via email to