88import java .io .StringReader ;
99import java .util .ArrayList ;
1010import java .util .List ;
11- import java . util . logging . Logger ;
11+ import javax . xml . XMLConstants ;
1212import javax .xml .parsers .DocumentBuilder ;
1313import javax .xml .parsers .DocumentBuilderFactory ;
14- import javax .xml .parsers .ParserConfigurationException ;
1514
1615import com .oracle .weblogic .imagetool .logging .LoggingFacade ;
1716import com .oracle .weblogic .imagetool .logging .LoggingFactory ;
@@ -42,6 +41,37 @@ public class HttpUtil {
4241
4342 private static final LoggingFacade logger = LoggingFactory .getLogger (HttpUtil .class );
4443
44+ private static Document parseXmlString (String xmlString ) throws ClientProtocolException {
45+ logger .entering (xmlString );
46+
47+ try {
48+ DocumentBuilderFactory factory = DocumentBuilderFactory .newInstance ();
49+ try {
50+ factory .setXIncludeAware (false );
51+ factory .setExpandEntityReferences (false );
52+ } catch (Throwable ex ) {
53+ logger .warning ("Failed to set XML factory feature: {0}" , ex .getLocalizedMessage ());
54+ }
55+
56+ try {
57+ factory .setFeature (XMLConstants .FEATURE_SECURE_PROCESSING , true );
58+ } catch (Throwable ex ) {
59+ logger .warning ("Failed to set FEATURE_SECURE_PROCESSING: {0}" , ex .getLocalizedMessage ());
60+ }
61+
62+ DocumentBuilder builder = factory .newDocumentBuilder ();
63+ InputSource input = new InputSource (new StringReader (xmlString ));
64+ Document doc = builder .parse (input );
65+ logger .finest (doc );
66+ logger .exiting ();
67+ return doc ;
68+ } catch (SAXException ex ) {
69+ throw new ClientProtocolException ("Malformed XML document" , ex );
70+ } catch (Exception g ) {
71+ throw new IllegalStateException (g );
72+ }
73+ }
74+
4575 /**
4676 * Return the xml result of a GET from the url.
4777 *
@@ -57,21 +87,8 @@ public static Document getXMLContent(String url, String username, String passwor
5787 String xmlString = Executor .newInstance (getOraClient (username , password ))
5888 .execute (Request .Get (url ).connectTimeout (30000 ).socketTimeout (30000 ))
5989 .returnContent ().asString ();
60- try {
61- DocumentBuilderFactory dbfac = DocumentBuilderFactory .newInstance ();
62- DocumentBuilder docBuilder = dbfac .newDocumentBuilder ();
63- InputSource is = new InputSource (new StringReader (xmlString ));
64- Document doc = docBuilder .parse (is );
65- logger .finest (doc );
66- logger .exiting ();
67- return doc ;
68- } catch (ParserConfigurationException ex ) {
69- throw new IllegalStateException (ex );
70- } catch (SAXException ex ) {
71- throw new ClientProtocolException ("Malformed XML document" , ex );
72- } catch (Exception g ) {
73- throw new IllegalStateException (g );
74- }
90+ logger .exiting ();
91+ return parseXmlString (xmlString );
7592 }
7693
7794 private static HttpClient getOraClient (String userId , String password ) {
@@ -164,22 +181,8 @@ public static Document postCheckConflictRequest(String url, String payload, Stri
164181 String xmlString =
165182 httpExecutor .execute (Request .Post (url ).connectTimeout (30000 ).socketTimeout (30000 ).body (entity ))
166183 .returnContent ().asString ();
167- logger .finest ("Returned Raw result: {0}" , xmlString );
168- try {
169- DocumentBuilderFactory dbfac = DocumentBuilderFactory .newInstance ();
170- DocumentBuilder docBuilder = dbfac .newDocumentBuilder ();
171- InputSource is = new InputSource (new StringReader (xmlString ));
172- Document doc = docBuilder .parse (is );
173- logger .finest (doc );
174- logger .exiting ();
175- return doc ;
176- } catch (ParserConfigurationException ex ) {
177- throw new IllegalStateException (ex );
178- } catch (SAXException ex ) {
179- throw new ClientProtocolException ("Malformed XML document" , ex );
180- } catch (Exception g ) {
181- throw new IllegalStateException (g );
182- }
184+ logger .exiting ();
185+ return parseXmlString (xmlString );
183186
184187 }
185188
0 commit comments