Package eu.europa.esig.dss.xades

Class EnforcedResolverFragment

java.lang.Object

org.apache.xml.security.utils.resolver.ResourceResolverSpi

org.apache.xml.security.utils.resolver.implementations.ResolverFragment

eu.europa.esig.dss.xades.EnforcedResolverFragment

public class EnforcedResolverFragment
extends org.apache.xml.security.utils.resolver.implementations.ResolverFragment

Field Summary

Fields inherited from class org.apache.xml.security.utils.resolver.ResourceResolverSpi

properties

Constructor Summary

Constructors

Constructor	Description
EnforcedResolverFragment()

Method Summary

Modifier and Type	Method	Description
boolean	checkValueForXpathInjection(String xpathString)	This method tests the xpath expression against injection.
boolean	engineCanResolveURI(org.apache.xml.security.utils.resolver.ResourceResolverContext context)

Methods inherited from class org.apache.xml.security.utils.resolver.implementations.ResolverFragment

engineIsThreadSafe, engineResolveURI

Methods inherited from class org.apache.xml.security.utils.resolver.ResourceResolverSpi

engineAddProperies, engineGetProperty, engineGetPropertyKeys, engineSetProperty, fixURI, understandsProperty

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

EnforcedResolverFragment

public EnforcedResolverFragment()

Method Detail

engineCanResolveURI

public boolean engineCanResolveURI(org.apache.xml.security.utils.resolver.ResourceResolverContext context)

Overrides:

engineCanResolveURI in class org.apache.xml.security.utils.resolver.implementations.ResolverFragment

checkValueForXpathInjection

public boolean checkValueForXpathInjection(String xpathString)

This method tests the xpath expression against injection. See https://www.owasp.org/index.php/XPATH_Injection_Java

Parameters:

xpathString - the xpath expression to be tested

Returns:

false if the xpath contains forbidden character or if the xpath cannot be decoded