Code example for SAXParserFactory

Methods: setFeature

0
     * @param spf SAX parser factory. 
     */ 
    public SecureSaxParserFactory(SAXParserFactory spf) {
        this.spf = spf;
 
        if (SaxHelper.isXdkParserFactory(spf)) {
            LOGGER.log(Level.WARNING, LocalizationMessages.SAX_XDK_NO_SECURITY_FEATURES());
        } else { 
            try { 
                spf.setFeature("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
                spf.setFeature("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
            } catch (Exception ex) {
                throw new RuntimeException(LocalizationMessages.SAX_CANNOT_ENABLE_SECURITY_FEATURES(), ex);
            } 
 
            try { 
                spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
            } catch (Exception ex) {
                LOGGER.log(Level.WARNING, LocalizationMessages.SAX_CANNOT_ENABLE_SECURE_PROCESSING_FEATURE(), ex);
            } 
        } 
    }