Hi,
How can we achieve the $subject? I have tried below code
String fileData = "<?xml version=\"1.0\" encoding=\"UTF-8\"
standalone=\"yes\"?><!DOCTYPE sampleVal [ <!ENTITY sampleVal SYSTEM
\"file:///media/sample\">]><configuration><driverClassName>com.mysql.jdbc.Driver</driverClassName><url>jdbc:mysql://localhost:3306/test</url><username>&sampleVal;</username><password
encrypted=\"true\">test</password></configuration>";
TransformerFactory transformerFactory = TransformerFactory.newInstance();
transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
Transformer transformer = transformerFactory.newTransformer();
StringWriter buff = new StringWriter();
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
transformer.transform(new StreamSource(new
StringReader(fileData)), new StreamResult(buff));
System.out.println(buff.toString());
but it still expands the DTD and replace the value in xml. result is as below
<!DOCTYPE acunetix [
<!ENTITY acunetixent SYSTEM
"file:///media/rajith/Office/Wso2/support/DHSDEV-1/sample" >
]>
<configuration><driverClassName>com.mysql.jdbc.Driver</driverClassName><url>jdbc:mysql://localhost:3306/test</url><username>test
</username><password encrypted="true">test123</password></configuration>
which contains the expanded dtd value. Appreciate any pointers regarding this.
Note that underlying we are using
"org.apache.xalan.processor.TransformerFactoryImpl" and it doesn't
support the "XMLConstants.ACCESS_EXTERNAL_DTD" feature as well.
Thanks,
--
Rajith Vitharana
Software Engineer,
WSO2 Inc. : wso2.com
Mobile : +94715883223
Blog : http://lankavitharana.blogspot.com/
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
