1 /*
2 * Copyright (c) 2002-2025, City of Paris
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright notice
10 * and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright notice
13 * and the following disclaimer in the documentation and/or other materials
14 * provided with the distribution.
15 *
16 * 3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17 * contributors may be used to endorse or promote products derived from
18 * this software without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 * POSSIBILITY OF SUCH DAMAGE.
31 *
32 * License 1.0
33 */
34 package fr.paris.lutece.util.xml;
35
36 import java.util.Map;
37 import java.util.Map.Entry;
38
39 import fr.paris.lutece.portal.service.util.AppPropertiesService;
40 import fr.paris.lutece.util.http.SecurityUtil;
41
42 /**
43 * This class provides utils for XML document management.
44 */
45 public final class XmlUtil
46 {
47 public static final String PROPERTIES_XML_HEADER = "xml.header";
48 private static final String TAG_BEGIN = "<";
49 private static final String TAG_CLOSE_BEGIN = "</";
50 private static final String TAG_END = ">\r\n";
51 private static final String TAG_CLOSE_END = " />\r\n";
52 private static final String TAG_SEPARATOR = " ";
53 private static final String TAG_ASSIGNMENT = "=";
54 private static final String TAG_ENCLOSED = "\"";
55
56 /**
57 * Instantiates a new xml util.
58 */
59 private XmlUtil( )
60 {
61 }
62
63 /**
64 * Gets the header of an XML file
65 *
66 * @return The header
67 */
68 public static String getXmlHeader( )
69 {
70 return AppPropertiesService.getProperty( PROPERTIES_XML_HEADER );
71 }
72
73 /**
74 * Add an element to an XML document buffer
75 *
76 * @param strXmlBuffer
77 * The XML document buffer
78 * @param strTag
79 * The tag name of the element to add
80 * @param strValue
81 * The value of the element
82 */
83 public static void addElement( StringBuffer strXmlBuffer, String strTag, String strValue )
84 {
85 if ( SecurityUtil.containsXmlExternalEntityInjectionTerms( strValue ) )
86 {
87 return;
88 }
89
90 strXmlBuffer.append( TAG_BEGIN );
91 strXmlBuffer.append( strTag );
92 strXmlBuffer.append( ">" );
93 strXmlBuffer.append( strValue );
94 strXmlBuffer.append( TAG_CLOSE_BEGIN );
95 strXmlBuffer.append( strTag );
96 strXmlBuffer.append( TAG_END );
97 }
98
99 /**
100 * Add an empty element (< />) to an XML document buffer.
101 *
102 * @param strXmlBuffer
103 * The XML document buffer
104 * @param strTag
105 * The tag name of the element to add
106 * @param attrList
107 * The attributes list
108 */
109 public static void addEmptyElement( StringBuffer strXmlBuffer, String strTag, Map<?, ?> attrList )
110 {
111 strXmlBuffer.append( TAG_BEGIN );
112 strXmlBuffer.append( strTag );
113
114 if ( attrList != null )
115 {
116 for ( Entry<?, ?> entry : attrList.entrySet( ) )
117 {
118 String code = (String) entry.getKey( );
119 strXmlBuffer.append( TAG_SEPARATOR + code + TAG_ASSIGNMENT + TAG_ENCLOSED + entry.getValue( ) + TAG_ENCLOSED );
120 }
121 }
122
123 strXmlBuffer.append( TAG_CLOSE_END );
124 }
125
126 /**
127 * Add an element to an XML document buffer with attributes
128 *
129 * @param strXmlBuffer
130 * The XML document buffer
131 * @param strTag
132 * The tag name of the element to add
133 * @param strValue
134 * The value of the element
135 * @param attrList
136 * the attribute list
137 */
138 public static void addElement( StringBuffer strXmlBuffer, String strTag, String strValue, Map<?, ?> attrList )
139 {
140 if ( SecurityUtil.containsXmlExternalEntityInjectionTerms( strValue ) )
141 {
142 return;
143 }
144
145 strXmlBuffer.append( TAG_BEGIN );
146 strXmlBuffer.append( strTag );
147
148 if ( attrList != null )
149 {
150 for ( Entry<?, ?> entry : attrList.entrySet( ) )
151 {
152 String code = (String) entry.getKey( );
153 strXmlBuffer.append( TAG_SEPARATOR + code + TAG_ASSIGNMENT + TAG_ENCLOSED + entry.getValue( ) + TAG_ENCLOSED );
154 }
155 }
156
157 strXmlBuffer.append( ">" );
158 strXmlBuffer.append( strValue );
159 strXmlBuffer.append( TAG_CLOSE_BEGIN );
160 strXmlBuffer.append( strTag );
161 strXmlBuffer.append( TAG_END );
162 }
163
164 /**
165 * Add an element to an XML document buffer.
166 *
167 * @param strXmlBuffer
168 * The XML document buffer
169 * @param strTag
170 * The tag name of the element to add
171 * @param nValue
172 * The value of the element
173 */
174 public static void addElement( StringBuffer strXmlBuffer, String strTag, int nValue )
175 {
176 addElement( strXmlBuffer, strTag, String.valueOf( nValue ) );
177 }
178
179 /**
180 * Add a CDATA type element to XML document buffer.
181 *
182 * @param strXmlBuffer
183 * The XML document buffer
184 * @param strTag
185 * The tag name of the element to add
186 * @param strValue
187 * The value of the element
188 */
189 public static void addElementHtml( StringBuffer strXmlBuffer, String strTag, String strValue )
190 {
191 if ( SecurityUtil.containsXmlExternalEntityInjectionTerms( strValue ) )
192 {
193 return;
194 }
195
196 strXmlBuffer.append( TAG_BEGIN );
197 strXmlBuffer.append( strTag );
198 strXmlBuffer.append( "><![CDATA[" );
199 strXmlBuffer.append( strValue );
200 strXmlBuffer.append( "]]></" );
201 strXmlBuffer.append( strTag );
202 strXmlBuffer.append( TAG_END );
203 }
204
205 /**
206 * Add a CDATA type element to XML document buffer.
207 *
208 * @param strXmlBuffer
209 * The XML document buffer
210 * @param strTag
211 * The tag name of the element to add
212 * @param strValue
213 * The value of the element
214 * @param attrList
215 * The attributes list
216 */
217 public static void addElementHtml( StringBuffer strXmlBuffer, String strTag, String strValue, Map<?, ?> attrList )
218 {
219 if ( SecurityUtil.containsXmlExternalEntityInjectionTerms( strValue ) )
220 {
221 return;
222 }
223
224 strXmlBuffer.append( TAG_BEGIN );
225 strXmlBuffer.append( strTag );
226
227 if ( attrList != null )
228 {
229 for ( Entry<?, ?> entry : attrList.entrySet( ) )
230 {
231 String code = (String) entry.getKey( );
232 strXmlBuffer.append( TAG_SEPARATOR + code + TAG_ASSIGNMENT + TAG_ENCLOSED + entry.getValue( ) + TAG_ENCLOSED );
233 }
234 }
235
236 strXmlBuffer.append( "><![CDATA[" );
237 strXmlBuffer.append( strValue );
238 strXmlBuffer.append( "]]></" );
239 strXmlBuffer.append( strTag );
240 strXmlBuffer.append( TAG_END );
241
242 }
243
244 /**
245 * Add an opening tag for an element in a XML document buffer
246 *
247 * @param strXmlBuffer
248 * The XML document buffer
249 * @param strTag
250 * The tag name of the element to add
251 */
252 public static void beginElement( StringBuffer strXmlBuffer, String strTag )
253 {
254 beginElement( strXmlBuffer, strTag, null );
255 }
256
257 /**
258 * Add an opening tag for an element in a XML document buffer
259 *
260 * @param strXmlBuffer
261 * The XML document buffer
262 * @param strTag
263 * The tag name of the element to add
264 * @param attrList
265 * The attributes list
266 */
267 public static void beginElement( StringBuffer strXmlBuffer, String strTag, Map<?, ?> attrList )
268 {
269 strXmlBuffer.append( TAG_BEGIN );
270 strXmlBuffer.append( strTag );
271
272 if ( attrList != null )
273 {
274 for ( Entry<?, ?> entry : attrList.entrySet( ) )
275 {
276 String code = (String) entry.getKey( );
277 strXmlBuffer.append( TAG_SEPARATOR + code + TAG_ASSIGNMENT + TAG_ENCLOSED + entry.getValue( ) + TAG_ENCLOSED );
278 }
279 }
280
281 strXmlBuffer.append( TAG_END );
282 }
283
284 /**
285 * Add a closing tag for an element in a XML document buffer
286 *
287 * @param strXmlBuffer
288 * The XML document buffer
289 * @param strTag
290 * The tag name of the element to add
291 */
292 public static void endElement( StringBuffer strXmlBuffer, String strTag )
293 {
294 strXmlBuffer.append( TAG_CLOSE_BEGIN );
295 strXmlBuffer.append( strTag );
296 strXmlBuffer.append( TAG_END );
297 }
298 }