Author: scabanovich Date: 2012-02-27 21:33:01 -0500 (Mon, 27 Feb 2012) New Revision: 39157 Modified: trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLEntityResolver.java trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLUtilities.java Log: JBIDE-11066 https://issues.jboss.org/browse/JBIDE-11066 Prevented loading of entities from internet. Modified: trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLEntityResolver.java =================================================================== --- trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLEntityResolver.java 2012-02-28 02:32:24 UTC (rev 39156) +++ trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLEntityResolver.java 2012-02-28 02:33:01 UTC (rev 39157) @@ -10,6 +10,7 @@ import java.util.Properties; import org.eclipse.core.runtime.FileLocator; +import org.jboss.tools.common.CommonPlugin; import org.xml.sax.EntityResolver; import org.xml.sax.InputSource; import org.xml.sax.SAXException; @@ -96,10 +97,16 @@ } } - if(deactivate && (systemId != null) && (source == null) && (systemId.toLowerCase().endsWith(".dtd"))) { // this deactivates DTD //$NON-NLS-1$ + if(deactivate && (systemId != null) && (source == null) + // this deactivates DTD for .dtd and .ent resources + && (systemId.toLowerCase().endsWith(".dtd") || systemId.toLowerCase().endsWith(".ent")) + ) { //$NON-NLS-1$ //$NON-NLS-2$ source = new InputSource(new ByteArrayInputStream("<?xml version='1.0' encoding='UTF-8'?>".getBytes())); //$NON-NLS-1$ } - + if(source == null) { + CommonPlugin.getDefault().logError("WARNING: Cannot resolve entity " + systemId); //$NON-NLS-1$ + } + // TODO study if we can always return non-null value. return source; } Modified: trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLUtilities.java =================================================================== --- trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLUtilities.java 2012-02-28 02:32:24 UTC (rev 39156) +++ trunk/common/plugins/org.jboss.tools.common/src/org/jboss/tools/common/xml/XMLUtilities.java 2012-02-28 02:33:01 UTC (rev 39157) @@ -155,7 +155,8 @@ public static EntityResolver createEmptyEntityResolver() { return new EntityResolver() { public InputSource resolveEntity(java.lang.String publicId, java.lang.String systemId) throws SAXException, java.io.IOException { - if((systemId != null) && systemId.toLowerCase().endsWith(".dtd")) { // this deactivates DTD //$NON-NLS-1$ + if((systemId != null) && + (systemId.toLowerCase().endsWith(".dtd") || systemId.toLowerCase().endsWith(".ent"))) { // this deactivates DTD //$NON-NLS-1$ //$NON-NLS-2$ return new InputSource(new ByteArrayInputStream("<?xml version='1.0' encoding='UTF-8'?>".getBytes())); //$NON-NLS-1$ } else { return null;