From 6997c114e9b53f5c07e6421b6bd7c4d7a1d5ee97 Mon Sep 17 00:00:00 2001
From: Neil Graham <neilg@apache.org>
Date: Wed, 14 May 2003 17:11:55 +0000
Subject: [PATCH] documentation for setting SecurityManager instances on
parsers
git-svn-id: https://svn.apache.org/repos/asf/xerces/c/trunk@174962 13f79535-47bb-0310-9956-ffa450edef68
---
doc/program-dom.xml | 72 +++++++++++++++++++++++++++++++++++++++++++-
doc/program-sax.xml | 35 +++++++++++++++++++++
doc/program-sax2.xml | 34 +++++++++++++++++++++
3 files changed, 140 insertions(+), 1 deletion(-)
diff --git a/doc/program-dom.xml b/doc/program-dom.xml
index 3b702ecff..8226f440c 100644
--- a/doc/program-dom.xml
+++ b/doc/program-dom.xml
@@ -568,7 +568,8 @@
of the properties below are set using the "setter" methods (e.g. <code>setExternalSchemaLocation</code>),
and are queried using the corresponding "getter" methods (e.g. <code>getExternalSchemaLocation</code>).
The following only gives you a quick summary of supported features. Please
- refer to <jump href="api.html">API Documentation</jump> for complete detail.
+ refer to <jump href="api.html">API Documentation</jump> for
+ complete details.
</p>
<table>
<tr><th colspan="2"><em>void setExternalSchemaLocation(const XMLCh*)</em></th></tr>
@@ -624,6 +625,41 @@
</table>
<p/>
+ <table>
+ <tr><th
+ colspan="2"><em>setSecurityManager(Security Manager * const)</em></th></tr>
+ <tr><th><em>Description</em></th>
+ <td>
+ Certain valid XML and XML Schema constructs can force a
+ processor to consume more system resources than an
+ application may wish. In fact, certain features could
+ be exploited by malicious document writers to produce a
+ denial-of-service attack. This property allows
+ applications to impose limits on the amount of
+ resources the processor will consume while processing
+ these constructs.
+ </td></tr>
+ <tr><th><em>Value</em></th>
+ <td>
+ An instance of the SecurityManager class (see
+ <code>xercesc/util/SecurityManager</code>. This
+ class's documentation describes the particular limits
+ that may be set. Note that, when instantiated, default
+ values for limits that should be appropriate in most
+ settings are provided. The default implementation is
+ not thread-safe; if thread-safety is required, the
+ application should extend this class, overriding
+ methods appropriately. The parser will not adopt the
+ SecurityManager instance; the application is
+ responsible for deleting it when it is finished with
+ it. If no SecurityManager instance has been provided to
+ the parser (the default) then processing strictly
+ conforming to the relevant specifications will be
+ performed.
+ </td></tr>
+ <tr><th><em>Value Type</em></th><td> SecurityManager* </td></tr>
+ </table>
+ <p/>
</s3>
@@ -1234,6 +1270,40 @@
for more programming details. </td></tr>
</table>
<p/>
+ <table>
+ <tr><th colspan="2"><em>http://apache.org/xml/properties/security-manager</em></th></tr>
+ <tr><th><em>Description</em></th>
+ <td>
+ Certain valid XML and XML Schema constructs can force a
+ processor to consume more system resources than an
+ application may wish. In fact, certain features could
+ be exploited by malicious document writers to produce a
+ denial-of-service attack. This property allows
+ applications to impose limits on the amount of
+ resources the processor will consume while processing
+ these constructs.
+ </td></tr>
+ <tr><th><em>Value</em></th>
+ <td>
+ An instance of the SecurityManager class (see
+ <code>xercesc/util/SecurityManager</code>. This
+ class's documentation describes the particular limits
+ that may be set. Note that, when instantiated, default
+ values for limits that should be appropriate in most
+ settings are provided. The default implementation is
+ not thread-safe; if thread-safety is required, the
+ application should extend this class, overriding
+ methods appropriately. The parser will not adopt the
+ SecurityManager instance; the application is
+ responsible for deleting it when it is finished with
+ it. If no SecurityManager instance has been provided to
+ the parser (the default) then processing strictly
+ conforming to the relevant specifications will be
+ performed.
+ </td></tr>
+ <tr><th><em>Value Type</em></th><td> SecurityManager* </td></tr>
+ </table>
+ <p/>
</s4>
</s3>
diff --git a/doc/program-sax.xml b/doc/program-sax.xml
index bf258ce03..390f3cded 100644
--- a/doc/program-sax.xml
+++ b/doc/program-sax.xml
@@ -392,6 +392,41 @@ MySAXHandler::fatalError(const SAXParseException& exception)
<p/>
+ <table>
+ <tr><th
+ colspan="2"><em>setSecurityManager(Security Manager * const)</em></th></tr>
+ <tr><th><em>Description</em></th>
+ <td>
+ Certain valid XML and XML Schema constructs can force a
+ processor to consume more system resources than an
+ application may wish. In fact, certain features could
+ be exploited by malicious document writers to produce a
+ denial-of-service attack. This property allows
+ applications to impose limits on the amount of
+ resources the processor will consume while processing
+ these constructs.
+ </td></tr>
+ <tr><th><em>Value</em></th>
+ <td>
+ An instance of the SecurityManager class (see
+ <code>xercesc/util/SecurityManager</code>. This
+ class's documentation describes the particular limits
+ that may be set. Note that, when instantiated, default
+ values for limits that should be appropriate in most
+ settings are provided. The default implementation is
+ not thread-safe; if thread-safety is required, the
+ application should extend this class, overriding
+ methods appropriately. The parser will not adopt the
+ SecurityManager instance; the application is
+ responsible for deleting it when it is finished with
+ it. If no SecurityManager instance has been provided to
+ the parser (the default) then processing strictly
+ conforming to the relevant specifications will be
+ performed.
+ </td></tr>
+ <tr><th><em>Value Type</em></th><td> SecurityManager* </td></tr>
+ </table>
+ <p/>
</s3>
</s2>
diff --git a/doc/program-sax2.xml b/doc/program-sax2.xml
index a4d20aaef..cc79ae336 100644
--- a/doc/program-sax2.xml
+++ b/doc/program-sax2.xml
@@ -430,6 +430,40 @@ MySAX2Handler::fatalError(const SAXParseException& exception)
<p/>
+ <table>
+ <tr><th colspan="2"><em>http://apache.org/xml/properties/security-manager</em></th></tr>
+ <tr><th><em>Description</em></th>
+ <td>
+ Certain valid XML and XML Schema constructs can force a
+ processor to consume more system resources than an
+ application may wish. In fact, certain features could
+ be exploited by malicious document writers to produce a
+ denial-of-service attack. This property allows
+ applications to impose limits on the amount of
+ resources the processor will consume while processing
+ these constructs.
+ </td></tr>
+ <tr><th><em>Value</em></th>
+ <td>
+ An instance of the SecurityManager class (see
+ <code>xercesc/util/SecurityManager</code>. This
+ class's documentation describes the particular limits
+ that may be set. Note that, when instantiated, default
+ values for limits that should be appropriate in most
+ settings are provided. The default implementation is
+ not thread-safe; if thread-safety is required, the
+ application should extend this class, overriding
+ methods appropriately. The parser will not adopt the
+ SecurityManager instance; the application is
+ responsible for deleting it when it is finished with
+ it. If no SecurityManager instance has been provided to
+ the parser (the default) then processing strictly
+ conforming to the relevant specifications will be
+ performed.
+ </td></tr>
+ <tr><th><em>Value Type</em></th><td> SecurityManager* </td></tr>
+ </table>
+ <p/>
</s4>
</s3>
</s2>
--
GitLab