1.1 --- a/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java Thu Apr 04 19:05:24 2013 -0700
1.2 +++ b/src/share/jaxws_classes/com/sun/xml/internal/bind/v2/runtime/JAXBContextImpl.java Tue Apr 09 14:51:13 2013 +0100
1.3 @@ -1,5 +1,5 @@
1.4 /*
1.5 - * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
1.6 + * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
1.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
1.8 *
1.9 * This code is free software; you can redistribute it and/or modify it
1.10 @@ -71,6 +71,7 @@
1.11
1.12 import com.sun.istack.internal.NotNull;
1.13 import com.sun.istack.internal.Pool;
1.14 +import com.sun.xml.internal.bind.v2.WellKnownNamespace;
1.15 import com.sun.xml.internal.bind.api.AccessorException;
1.16 import com.sun.xml.internal.bind.api.Bridge;
1.17 import com.sun.xml.internal.bind.api.BridgeContext;
1.18 @@ -81,7 +82,6 @@
1.19 import com.sun.xml.internal.bind.api.TypeReference;
1.20 import com.sun.xml.internal.bind.unmarshaller.DOMScanner;
1.21 import com.sun.xml.internal.bind.util.Which;
1.22 -import com.sun.xml.internal.bind.v2.WellKnownNamespace;
1.23 import com.sun.xml.internal.bind.v2.model.annotation.RuntimeAnnotationReader;
1.24 import com.sun.xml.internal.bind.v2.model.annotation.RuntimeInlineAnnotationReader;
1.25 import com.sun.xml.internal.bind.v2.model.core.Adapter;
1.26 @@ -110,6 +110,7 @@
1.27 import com.sun.xml.internal.bind.v2.schemagen.XmlSchemaGenerator;
1.28 import com.sun.xml.internal.bind.v2.util.EditDistance;
1.29 import com.sun.xml.internal.bind.v2.util.QNameMap;
1.30 +import com.sun.xml.internal.bind.v2.util.XmlFactory;
1.31 import com.sun.xml.internal.txw2.output.ResultFactory;
1.32
1.33 import org.w3c.dom.Document;
1.34 @@ -220,7 +221,7 @@
1.35 public final boolean retainPropertyInfo;
1.36
1.37 /**
1.38 - * Supress reflection accessor warnings.
1.39 + * Suppress reflection accessor warnings.
1.40 */
1.41 public final boolean supressAccessorWarnings;
1.42
1.43 @@ -229,6 +230,11 @@
1.44 */
1.45 public final boolean improvedXsiTypeHandling;
1.46
1.47 + /**
1.48 + * Disable security processing.
1.49 + */
1.50 + public final boolean disableSecurityProcessing;
1.51 +
1.52 private WeakReference<RuntimeTypeInfoSet> typeInfoSetCache;
1.53
1.54 private @NotNull RuntimeAnnotationReader annotationReader;
1.55 @@ -237,7 +243,7 @@
1.56 private final @NotNull Map<Class,Class> subclassReplacements;
1.57
1.58 /**
1.59 - * If true, we aim for faster {@link JAXBContext} instanciation performance,
1.60 + * If true, we aim for faster {@link JAXBContext} instantiation performance,
1.61 * instead of going after efficient sustained unmarshalling/marshalling performance.
1.62 *
1.63 * @since 2.0.4
1.64 @@ -267,6 +273,7 @@
1.65 this.allNillable = builder.allNillable;
1.66 this.supressAccessorWarnings = builder.supressAccessorWarnings;
1.67 this.improvedXsiTypeHandling = builder.improvedXsiTypeHandling;
1.68 + this.disableSecurityProcessing = builder.disableSecurityProcessing;
1.69
1.70 Collection<TypeReference> typeRefs = builder.typeRefs;
1.71
1.72 @@ -278,8 +285,6 @@
1.73 }
1.74 this.fastBoot = fastB;
1.75
1.76 - System.arraycopy(classes,0,this.classes,0,classes.length);
1.77 -
1.78 RuntimeTypeInfoSet typeSet = getTypeInfoSet();
1.79
1.80 // at least prepare the empty table so that we don't have to check for null later
1.81 @@ -701,12 +706,12 @@
1.82 /**
1.83 * Creates a new identity transformer.
1.84 */
1.85 - static Transformer createTransformer() {
1.86 + static Transformer createTransformer(boolean disableSecureProcessing) {
1.87 try {
1.88 if (tf==null) {
1.89 synchronized(JAXBContextImpl.class) {
1.90 if (tf==null) {
1.91 - tf = (SAXTransformerFactory)TransformerFactory.newInstance();
1.92 + tf = (SAXTransformerFactory)XmlFactory.createTransformerFactory(disableSecureProcessing);
1.93 }
1.94 }
1.95 }
1.96 @@ -719,12 +724,12 @@
1.97 /**
1.98 * Creates a new identity transformer.
1.99 */
1.100 - public static TransformerHandler createTransformerHandler() {
1.101 + public static TransformerHandler createTransformerHandler(boolean disableSecureProcessing) {
1.102 try {
1.103 if (tf==null) {
1.104 synchronized(JAXBContextImpl.class) {
1.105 if (tf==null) {
1.106 - tf = (SAXTransformerFactory)TransformerFactory.newInstance();
1.107 + tf = (SAXTransformerFactory)XmlFactory.createTransformerFactory(disableSecureProcessing);
1.108 }
1.109 }
1.110 }
1.111 @@ -737,12 +742,11 @@
1.112 /**
1.113 * Creates a new DOM document.
1.114 */
1.115 - static Document createDom() {
1.116 + static Document createDom(boolean disableSecurityProcessing) {
1.117 synchronized(JAXBContextImpl.class) {
1.118 if(db==null) {
1.119 try {
1.120 - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
1.121 - dbf.setNamespaceAware(true);
1.122 + DocumentBuilderFactory dbf = XmlFactory.createDocumentBuilderFactory(disableSecurityProcessing);
1.123 db = dbf.newDocumentBuilder();
1.124 } catch (ParserConfigurationException e) {
1.125 // impossible
1.126 @@ -1055,6 +1059,7 @@
1.127 private boolean xmlAccessorFactorySupport = false;
1.128 private boolean allNillable;
1.129 private boolean improvedXsiTypeHandling = true;
1.130 + private boolean disableSecurityProcessing = true;
1.131
1.132 public JAXBContextBuilder() {};
1.133
1.134 @@ -1069,6 +1074,7 @@
1.135 this.typeRefs = baseImpl.bridges.keySet();
1.136 this.xmlAccessorFactorySupport = baseImpl.xmlAccessorFactorySupport;
1.137 this.allNillable = baseImpl.allNillable;
1.138 + this.disableSecurityProcessing = baseImpl.disableSecurityProcessing;
1.139 }
1.140
1.141 public JAXBContextBuilder setRetainPropertyInfo(boolean val) {
1.142 @@ -1126,6 +1132,11 @@
1.143 return this;
1.144 }
1.145
1.146 + public JAXBContextBuilder setDisableSecurityProcessing(boolean val) {
1.147 + this.disableSecurityProcessing = val;
1.148 + return this;
1.149 + }
1.150 +
1.151 public JAXBContextImpl build() throws JAXBException {
1.152
1.153 // fool-proof
