1.1 --- a/src/share/jaxws_classes/com/sun/xml/internal/rngom/xml/sax/JAXPXMLReaderCreator.java Thu Sep 26 10:43:28 2013 -0700
1.2 +++ b/src/share/jaxws_classes/com/sun/xml/internal/rngom/xml/sax/JAXPXMLReaderCreator.java Fri Oct 04 16:21:34 2013 +0100
1.3 @@ -23,7 +23,7 @@
1.4 * questions.
1.5 */
1.6 /*
1.7 - * Copyright (C) 2004-2011
1.8 + * Copyright (C) 2004-2012
1.9 *
1.10 * Permission is hereby granted, free of charge, to any person obtaining a copy
1.11 * of this software and associated documentation files (the "Software"), to deal
1.12 @@ -45,10 +45,15 @@
1.13 */
1.14 package com.sun.xml.internal.rngom.xml.sax;
1.15
1.16 +import java.util.logging.Level;
1.17 +import java.util.logging.Logger;
1.18 +import javax.xml.XMLConstants;
1.19 import javax.xml.parsers.ParserConfigurationException;
1.20 import javax.xml.parsers.SAXParserFactory;
1.21
1.22 import org.xml.sax.SAXException;
1.23 +import org.xml.sax.SAXNotRecognizedException;
1.24 +import org.xml.sax.SAXNotSupportedException;
1.25 import org.xml.sax.XMLReader;
1.26
1.27 /**
1.28 @@ -72,7 +77,16 @@
1.29 */
1.30 public JAXPXMLReaderCreator() {
1.31 spf = SAXParserFactory.newInstance();
1.32 - spf.setNamespaceAware(true);
1.33 + try {
1.34 + spf.setNamespaceAware(true);
1.35 + spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
1.36 + } catch (ParserConfigurationException ex) {
1.37 + Logger.getLogger(JAXPXMLReaderCreator.class.getName()).log(Level.SEVERE, null, ex);
1.38 + } catch (SAXNotRecognizedException ex) {
1.39 + Logger.getLogger(JAXPXMLReaderCreator.class.getName()).log(Level.SEVERE, null, ex);
1.40 + } catch (SAXNotSupportedException ex) {
1.41 + Logger.getLogger(JAXPXMLReaderCreator.class.getName()).log(Level.SEVERE, null, ex);
1.42 + }
1.43 }
1.44
1.45 /**
