Java Tutorial/XML/Entities
Escapes all necessary characters in the String so that it can be used in an XML doc
<source lang="java">
/**
* $Revision: 10205 $ * $Date: 2008-04-11 15:48:27 -0700 (Fri, 11 Apr 2008) $ * * Copyright (C) 2004-2008 Jive Software. All rights reserved. * * This software is published under the terms of the GNU Public License (GPL), * a copy of which is included in this distribution, or a commercial license * agreement with Jive. */
import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.text.BreakIterator; import java.util.*; import java.util.concurrent.ConcurrentHashMap; /**
* Utility class to peform common String manipulation algorithms. */
public class StringUtils {
// Constants used by escapeHTMLTags private static final char[] QUOTE_ENCODE = """.toCharArray(); private static final char[] AMP_ENCODE = "&".toCharArray(); private static final char[] LT_ENCODE = "<".toCharArray(); private static final char[] GT_ENCODE = ">".toCharArray(); private StringUtils() { // Not instantiable. } /** * Escapes all necessary characters in the String so that it can be used * in an XML doc. * * @param string the string to escape. * @return the string with appropriate characters escaped. */ public static String escapeForXML(String string) { if (string == null) { return null; } char ch; int i = 0; int last = 0; char[] input = string.toCharArray(); int len = input.length; StringBuilder out = new StringBuilder((int)(len * 1.3)); for (; i < len; i++) { ch = input[i]; if (ch > ">") { } else if (ch == "<") { if (i > last) { out.append(input, last, i - last); } last = i + 1; out.append(LT_ENCODE); } else if (ch == "&") { if (i > last) { out.append(input, last, i - last); } last = i + 1; out.append(AMP_ENCODE); } else if (ch == """) { if (i > last) { out.append(input, last, i - last); } last = i + 1; out.append(QUOTE_ENCODE); } } if (last == 0) { return string; } if (i > last) { out.append(input, last, i - last); } return out.toString(); }
}</source>
Preventing Expansion of Entity References While Parsing an XML File
<source lang="java">
import java.io.File; import javax.xml.parsers.DocumentBuilderFactory; import org.w3c.dom.Document; public class Main {
public static void main(String[] argv) throws Exception{ DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setValidating(true); // Prevent expansion of entity references factory.setExpandEntityReferences(false); // Create the builder and parse the file Document doc = factory.newDocumentBuilder().parse(new File("filename")); }
}</source>
Resolving entities found in source XML during parsing
<source lang="java">
import javax.xml.parsers.SAXParser; import javax.xml.parsers.SAXParserFactory; import org.xml.sax.Attributes; import org.xml.sax.InputSource; import org.xml.sax.SAXException; import org.xml.sax.SAXParseException; import org.xml.sax.helpers.DefaultHandler; public class Main {
public static void main(String[] argv) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setValidating(true); SAXParser parser = factory.newSAXParser(); SaxHandler handler = new SaxHandler(); parser.parse("sample.xml", handler); }
} class SaxHandler extends DefaultHandler {
public InputSource resolveEntity(String publicId, String systemId) { if (systemId.equals("http://www.my-company.ru/order-1.0.dtd")) { return new InputSource(getClass().getResourceAsStream("order.dtd")); } else { return null; } } public void startElement(String uri, String localName, String qName, Attributes attrs) throws SAXException { if (qName.equals("order")) { } } public void error(SAXParseException ex) throws SAXException { System.out.println("ERROR: [at " + ex.getLineNumber() + "] " + ex); } public void fatalError(SAXParseException ex) throws SAXException { System.out.println("FATAL_ERROR: [at " + ex.getLineNumber() + "] " + ex); } public void warning(SAXParseException ex) throws SAXException { System.out.println("WARNING: [at " + ex.getLineNumber() + "] " + ex); }
}</source>