Configuring XML Handling
|
Этот раздел перенесён из документации Camunda 7 и в дальнейшем будет доработан с учётом особенностей OpenBPM Engine |
Spin can be configured to change XML parsing, writing, and mapping settings. Spin uses JAXB and DOM to handle XML.
Therefore, the XML data format uses instances of javax.xml.parsers.DocumentBuilderFactory,
javax.xml.transform.TransformerFactory, and javax.xml.bind.JAXBContext that can be configured using Spin’s
configuration mechanism.
For example, a custom application may provide an implementation of io.openbpm.spin.spi.DataFormatConfigurator that exchanges
the JAXBContext. Spin uses and caches the context to improve performance.
The data format class to register a configurator for is io.openbpm.spin.impl.xml.dom.format.DomXmlDataFormat.
An instance of this class provides setter methods (for the entities mentioned above) that can be used to replace the
default object mapper. Refer to the JDK documentation http://docs.oracle.com/javase/8/docs/api/ on what
configuration can be applied.
Safe XML processing
The Spin XML data format provides the following configuration properties to enable secure parsing of XML documents:
| Property | Description | xxe-processing |
|---|---|---|
Toggle the processing of External XML Entities (XXE) in an XML document. Disable to prevent XXE attacks. Default value: false |
secure-processing |
Toggle the secure processing of an XML document. Default value: true |
To provide a custom configuration, you can pass these properties in a Map, to the DataFormats.loadDataFormats(…)
method, similar to the example below:
Map<String, Object> configurationOptions = new HashMap<>();
configurationOptions.put("xxe-processing", true);
configurationOptions.put("secure-processing", false);
DataFormats.loadDataFormats(classloader, configurationOptions);Лицензия и атрибуция
Эта документация была создана на базе материала "Camunda 7 Docs" от Camunda, находится под лицензией Creative Commons Attribution-ShareAlike 3.0 Unported License .
Оригинал документации: https://docs.camunda.org