Java Tutorial/XML/Entities
Escapes all necessary characters in the String so that it can be used in an XML doc
/**
* $Revision: 10205 $
* $Date: 2008-04-11 15:48:27 -0700 (Fri, 11 Apr 2008) $
*
* Copyright (C) 2004-2008 Jive Software. All rights reserved.
*
* This software is published under the terms of the GNU Public License (GPL),
* a copy of which is included in this distribution, or a commercial license
* agreement with Jive.
*/
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.text.BreakIterator;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
/**
* Utility class to peform common String manipulation algorithms.
*/
public class StringUtils {
// Constants used by escapeHTMLTags
private static final char[] QUOTE_ENCODE = """.toCharArray();
private static final char[] AMP_ENCODE = "&".toCharArray();
private static final char[] LT_ENCODE = "<".toCharArray();
private static final char[] GT_ENCODE = ">".toCharArray();
private StringUtils() {
// Not instantiable.
}
/**
* Escapes all necessary characters in the String so that it can be used
* in an XML doc.
*
* @param string the string to escape.
* @return the string with appropriate characters escaped.
*/
public static String escapeForXML(String string) {
if (string == null) {
return null;
}
char ch;
int i = 0;
int last = 0;
char[] input = string.toCharArray();
int len = input.length;
StringBuilder out = new StringBuilder((int)(len * 1.3));
for (; i < len; i++) {
ch = input[i];
if (ch > ">") {
}
else if (ch == "<") {
if (i > last) {
out.append(input, last, i - last);
}
last = i + 1;
out.append(LT_ENCODE);
}
else if (ch == "&") {
if (i > last) {
out.append(input, last, i - last);
}
last = i + 1;
out.append(AMP_ENCODE);
}
else if (ch == """) {
if (i > last) {
out.append(input, last, i - last);
}
last = i + 1;
out.append(QUOTE_ENCODE);
}
}
if (last == 0) {
return string;
}
if (i > last) {
out.append(input, last, i - last);
}
return out.toString();
}
}
Preventing Expansion of Entity References While Parsing an XML File
import java.io.File;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
public class Main {
public static void main(String[] argv) throws Exception{
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setValidating(true);
// Prevent expansion of entity references
factory.setExpandEntityReferences(false);
// Create the builder and parse the file
Document doc = factory.newDocumentBuilder().parse(new File("filename"));
}
}
Resolving entities found in source XML during parsing
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;
import org.xml.sax.helpers.DefaultHandler;
public class Main {
public static void main(String[] argv) throws Exception {
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setValidating(true);
SAXParser parser = factory.newSAXParser();
SaxHandler handler = new SaxHandler();
parser.parse("sample.xml", handler);
}
}
class SaxHandler extends DefaultHandler {
public InputSource resolveEntity(String publicId, String systemId) {
if (systemId.equals("http://www.my-company.ru/order-1.0.dtd")) {
return new InputSource(getClass().getResourceAsStream("order.dtd"));
} else {
return null;
}
}
public void startElement(String uri, String localName, String qName, Attributes attrs)
throws SAXException {
if (qName.equals("order")) {
}
}
public void error(SAXParseException ex) throws SAXException {
System.out.println("ERROR: [at " + ex.getLineNumber() + "] " + ex);
}
public void fatalError(SAXParseException ex) throws SAXException {
System.out.println("FATAL_ERROR: [at " + ex.getLineNumber() + "] " + ex);
}
public void warning(SAXParseException ex) throws SAXException {
System.out.println("WARNING: [at " + ex.getLineNumber() + "] " + ex);
}
}
