Mercurial Mercurial > oss > MCL > sf > mw > appinstall / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
secureswitools/swisistools/source/xmlparser/xerces/include/xercesc/util/SecurityManager.hpp
changeset 0 ba25891c3a9e
child 1 c42dffbd5b4f 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/secureswitools/swisistools/source/xmlparser/xerces/include/xercesc/util/SecurityManager.hpp	Thu Dec 17 08:51:10 2009 +0200
@@ -0,0 +1,132 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: 
+*
+*/
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * $Id: SecurityManager.hpp 568078 2007-08-21 11:43:25Z amassari $
+ */
+
+#ifndef SECURITYMANAGER_HPP
+#define SECURITYMANAGER_HPP
+
+#include <xercesc/util/XercesDefs.hpp>
+
+XERCES_CPP_NAMESPACE_BEGIN
+
+/**
+  * Allow application to force the parser to behave in a security-conscious
+  * way.
+  *
+  * <p> There are cases in which an XML- or XmL-schema-
+  * conformant processor can be presented with documents the
+  * processing of which can involve the consumption of
+  * prohibitive amounts of system resources.  Applications can
+  * attach instances of this class to parsers that they've
+  * created, via the
+  * http://apache.org/xml/properties/security-manager property.  
+  * </p>
+  *
+  * <p> Defaults will be provided for all known security holes.
+  * Setter methods will be provided on this class to ensure that
+  * an application can customize each limit as it chooses.
+  * Components that are vulnerable to any given hole need to be
+  * written to act appropriately when an instance of this class
+  * has been set on the calling parser.
+  * </p>
+  */
+
+class XMLUTIL_EXPORT SecurityManager
+{
+public:
+
+    enum { ENTITY_EXPANSION_LIMIT = 50000};
+
+    /** @name default Constructors */
+    //@{
+    /** Default constructor */
+    SecurityManager()
+        : fEntityExpansionLimit(ENTITY_EXPANSION_LIMIT)
+    {        
+    }
+
+    /** Destructor */
+    virtual ~SecurityManager(){};   
+    //@}
+
+    /** @name The Security Manager */
+    //@{
+   /**
+    * An application should call this method when it wishes to specify a particular
+    * limit to the number of entity expansions the parser will permit in a
+    * particular document.  The default behaviour should allow the parser
+    * to validate nearly all XML non-malicious XML documents; if an
+    * application knows that it is operating in a domain where entities are
+    * uncommon, for instance, it may wish to provide a limit lower than the
+    * parser's default.
+    *
+    * @param newLimit  the new entity expansion limit
+    *
+    */
+    virtual void setEntityExpansionLimit(unsigned int newLimit) 
+    {
+        fEntityExpansionLimit = newLimit;
+    }
+
+   /**
+    * Permits the application or a parser component to query the current
+    * limit for entity expansions.
+    *
+    * @return   the current setting of the entity expansion limit
+    *
+    */
+    virtual unsigned int getEntityExpansionLimit() const
+    { 
+        return fEntityExpansionLimit;
+    }
+    //@}
+
+protected:
+    unsigned int fEntityExpansionLimit;
+
+private:
+
+    /* Unimplemented Constructors and operators */
+    /* Copy constructor */
+    SecurityManager(const SecurityManager&);
+    
+    /** Assignment operator */
+    SecurityManager& operator=(const SecurityManager&);
+};
+
+XERCES_CPP_NAMESPACE_END
+
+#endif
MCL/sf/mw/appinstall