|
Lines 23-28
Link Here
|
| 23 |
import java.util.List; |
23 |
import java.util.List; |
| 24 |
import java.util.zip.ZipEntry; |
24 |
import java.util.zip.ZipEntry; |
| 25 |
|
25 |
|
|
|
26 |
import javax.xml.XMLConstants; |
| 27 |
import javax.xml.parsers.ParserConfigurationException; |
| 28 |
import javax.xml.parsers.SAXParser; |
| 29 |
import javax.xml.parsers.SAXParserFactory; |
| 30 |
|
| 31 |
import org.apache.poi.POIXMLException; |
| 26 |
import org.apache.poi.openxml4j.exceptions.InvalidFormatException; |
32 |
import org.apache.poi.openxml4j.exceptions.InvalidFormatException; |
| 27 |
import org.apache.poi.openxml4j.opc.PackageNamespaces; |
33 |
import org.apache.poi.openxml4j.opc.PackageNamespaces; |
| 28 |
import org.apache.poi.openxml4j.opc.PackagePart; |
34 |
import org.apache.poi.openxml4j.opc.PackagePart; |
|
Lines 39-47
Link Here
|
| 39 |
import org.dom4j.QName; |
45 |
import org.dom4j.QName; |
| 40 |
import org.dom4j.io.SAXReader; |
46 |
import org.dom4j.io.SAXReader; |
| 41 |
import org.xml.sax.SAXException; |
47 |
import org.xml.sax.SAXException; |
|
|
48 |
import org.xml.sax.SAXParseException; |
| 42 |
|
49 |
|
| 43 |
/** |
50 |
/** |
| 44 |
* Package properties unmarshaller. |
51 |
* Package properties unmarshaller. |
| 45 |
* |
52 |
* |
|
Lines 128-140
Link Here
|
| 128 |
} |
127 |
} |
| 129 |
|
128 |
|
| 130 |
SAXReader xmlReader = new SAXReader(); |
129 |
SAXReader xmlReader = new SAXReader(); |
|
|
130 |
SAXParserFactory spf = SAXParserFactory.newInstance(); |
| 131 |
SAXParser sp; |
| 131 |
Document xmlDoc; |
132 |
Document xmlDoc; |
| 132 |
try { |
133 |
try { |
|
|
134 |
spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); |
| 135 |
sp = spf.newSAXParser(); |
| 136 |
xmlReader.setXMLReader(sp.getXMLReader()); |
| 133 |
xmlDoc = xmlReader.read(in); |
137 |
xmlDoc = xmlReader.read(in); |
| 134 |
|
138 |
|
| 135 |
/* Check OPC compliance */ |
139 |
/* Check OPC compliance */ |
|
Lines 145-154
Link Here
|
| 145 |
/* End OPC compliance */ |
144 |
/* End OPC compliance */ |
| 146 |
|
145 |
|
| 147 |
} catch (DocumentException e) { |
146 |
} catch (DocumentException e) { |
|
|
147 |
Throwable nestedException = e.getNestedException(); |
| 148 |
if (null != nestedException && |
| 149 |
nestedException instanceof SAXParseException && |
| 150 |
null != nestedException.getMessage() && |
| 151 |
nestedException.getMessage().contains("entity expansions in this document; this is the limit")) { |
| 152 |
throw new POIXMLException(e); |
| 153 |
} |
| 148 |
throw new IOException(e.getMessage()); |
154 |
throw new IOException(e.getMessage()); |
| 149 |
} catch (SAXException e) { |
155 |
} catch (SAXException e) { |
| 150 |
throw new IOException(e.getMessage()); |
156 |
throw new IOException(e.getMessage()); |
| 151 |
} |
157 |
} catch (ParserConfigurationException e) { |
|
|
158 |
throw new IOException(e.getMessage()); |
| 159 |
} |
| 152 |
|
160 |
|
| 153 |
coreProps.setCategoryProperty(loadCategory(xmlDoc)); |
161 |
coreProps.setCategoryProperty(loadCategory(xmlDoc)); |
| 154 |
coreProps.setContentStatusProperty(loadContentStatus(xmlDoc)); |
162 |
coreProps.setContentStatusProperty(loadContentStatus(xmlDoc)); |