&XercesCName; defines a numeric preprocessor macro, _XERCES_VERSION, for users to introduce into their code to perform conditional compilation where the version of &XercesCName; is detected in order to enable or disable version specific capabilities. For example,
The minor and revision (patch level) numbers have two digits of resolution which means that '1' becomes '01' and '2' becomes '02' in this example.
There are also other string macros or constants to represent the Xerces-C++ version.
Please refer to the xercesc/util/XercesVersion.hpp header for details.
&XercesCName; contains an implementation of the W3C XML Schema
Language. See the
In addition to using the parse() method to parse an XML File.
You can use the other two parsing methods, parseFirst() and parseNext()
to do the so called progressive parsing. This way you don't
have to depend on throwing an exception to terminate the
parsing operation.
Calling parseFirst() will cause the DTD (both internal and
external subsets), and any pre-content, i.e. everything up to
but not including the root element, to be parsed. Subsequent calls to
parseNext() will cause one more pieces of markup to be parsed,
and propagated from the core scanning code to the parser (and
hence either on to you if using SAX/SAX2 or into the DOM tree if
using DOM).
You can quit the parse any time by just not
calling parseNext() anymore and breaking out of the loop. When
you call parseNext() and the end of the root element is the
next piece of markup, the parser will continue on to the end
of the file and return false, to let you know that the parse
is done. So a typical progressive parse loop will look like
this:
In this case, our event handler object (named 'handler')
is watching for some criteria and will
return a status from its getDone() method. Since
the handler
sees the SAX events coming out of the SAXParser, it can tell
when it finds what it wants. So we loop until we get no more
data or our handler indicates that it saw what it wanted to
see.
When doing non-progressive parses, the parser can easily know when the parse is complete and insure that any used resources are cleaned up. Even in the case of a fatal parsing error, it can clean up all per-parse resources. However, when progressive parsing is done, the client code doing the parse loop might choose to stop the parse before the end of the primary file is reached. In such cases, the parser will not know that the parse has ended, so any resources will not be reclaimed until the parser is destroyed or another parse is started.
This might not seem like such a bad thing; however, in this case, the files and sockets which were opened in order to parse the referenced XML entities will remain open. This could cause serious problems. Therefore, you should destroy the parser instance in such cases, or restart another parse immediately. In a future release, a reset method will be provided to do this more cleanly.
Also note that you must create a scan token and pass it
back in on each call. This insures that things don't get done
out of sequence. When you call parseFirst() or
parse(), any
previous scan tokens are invalidated and will cause an error
if used again. This prevents incorrect mixed use of the two
different parsing schemes or incorrect calls to
parseNext().
&XercesCName; provides a function to pre-parse the grammar so that users can check for any syntax error before using the grammar. Users can also optionally cache these pre-parsed grammars for later use during actual parsing.
Here is an example:
Besides caching pre-parsed schema grammars, users can also cache any grammars encountered during an xml document parse.
Here is an example:
We can use any previously cached grammars when parsing new xml documents. Here are some examples on how to use those cached grammars:
There are some limitations about caching and using cached grammars:
The &XercesCName; supports loadable message text. Although the current distribution only supports English, it is capable of supporting other languages. Anyone interested in contributing any translations should contact us. This would be an extremely useful service.
In order to support the local message loading services, all the error messages are captured in an XML file in the src/xercesc/NLS/ directory. There is a simple program, in the tools/NLS/Xlat/ directory, which can translate that text in various formats. It currently supports a simple 'in memory' format (i.e. an array of strings), the Win32 resource format, and the message catalog format. The 'in memory' format is intended for very simple installations or for use when porting to a new platform (since you can use it until you can get your own local message loading support done.)
In the src/xercesc/util/ directory, there is an XMLMsgLoader class. This is an abstraction from which any number of message loading services can be derived. Your platform driver file can create whichever type of message loader it wants to use on that platform. &XercesCName; currently has versions for the in memory format, the Win32 resource format, the message catalog format, and ICU message loader. Some of the platforms can support multiple message loaders, in which case a #define token is used to control which one is used. You can set this in your build projects to control the message loader type used.
&XercesCName; also supports pluggable transcoding services. The XMLTransService class is an abstract API that can be derived from, to support any desired transcoding service. XMLTranscoder is the abstract API for a particular instance of a transcoder for a particular encoding. The platform driver file decides what specific type of transcoder to use, which allows each platform to use its native transcoding services, or the ICU service if desired.
Implementations are provided for Win32 native services, ICU services, and the iconv services available on many Unix platforms. The Win32 version only provides native code page services, so it can only handle XML code in the intrinsic encodings ASCII, UTF-8, UTF-16 (Big/Small Endian), UCS4 (Big/Small Endian), EBCDIC code pages IBM037, IBM1047 and IBM1140 encodings, ISO-8859-1 (aka Latin1) and Windows-1252. The ICU version provides all of the encodings that ICU supports. The iconv version will support the encodings supported by the local system. You can use transcoders we provide or create your own if you feel ours are insufficient in some way, or if your platform requires an implementation that &XercesCName; does not provide.
All platform dependent code in &XercesCName; has been
isolated to a couple of files, which should ease the porting
effort. The src/xercesc/util directory
contains all such files. In particular:
src/xercesc/util/FileManagers directory
contains implementations of file managers for various
platforms.src/xercesc/util/MutexManagers directory
contains implementations of mutex managers for various
platforms.src/xercesc/util/Xerces_autoconf_const* files
provide base definitions for various platforms.Other concerns are:
Finally, you need to decide about how to define XMLCh. Generally,
XMLCh should be defined to be a type suitable for holding a
utf-16 encoded (16 bit) value, usually an unsigned short.
All XML data is handled within &XercesCName; as strings of XMLCh characters. Regardless of the size of the type chosen, the data stored in variables of type XMLCh will always be utf-16 encoded values.
Unlike XMLCh, the encoding of wchar_t is platform dependent. Sometimes it is utf-16 (AIX, Windows), sometimes ucs-4 (Solaris, Linux), sometimes it is not based on Unicode at all (HP/UX, AS/400, system 390).
Some earlier releases of &XercesCName; defined XMLCh to be the same type as wchar_t on most platforms, with the goal of making it possible to pass XMLCh strings to library or system functions that were expecting wchar_t parameters. This approach has been abandoned because of
&XercesCName; makes use of C++ namespace to make sure its
definitions do not conflict with other libraries and
applications. As a result applications must
namespace-qualify all &XercesCName; classes, data and
variables using the xercesc name. Alternatively,
applications can use using xercesc::<Name>;
declarations
to make individual &XercesCName; names visible in the
current scope
or using namespace xercesc;
definition to make all &XercesCName; names visible in the
current scope.
While the above information should be sufficient for the majority
of applications, for cases where several versions of the &XercesCName;
library must be used in the same application, namespace versioning is
provided. The following convenience macros can be used to access the
&XercesCName; namespace names with versions embedded
(see src/xercesc/util/XercesDefs.hpp):
&XercesCName; provides mechanisms for Native Language Support (NLS). Even though the current distribution has only English message file, it is capable of supporting other languages once the translated version of the target language is available.
An application can specify the locale for the message loader in their very first invocation to XMLPlatformUtils::Initialize() by supplying a parameter for the target locale intended. The default locale is "en_US".
&XercesCName; searches for message files at the location
specified in the XERCESC_NLS_HOME environment
variable and, if that is not set, at the default
message directory, $XERCESCROOT/msg.
Application can specify an alternative location for the message files in their very first invocation to XMLPlatformUtils::Initialize() by supplying a parameter for the alternative location.
&XercesCName; reports panic conditions encountered to the panic handler installed. The panic handler can take whatever action appropriate to handle the panic condition.
&XercesCName; allows application to provide a customized panic handler (class implementing the interface PanicHandler), in its very first invocation of XMLPlatformUtils::Initialize().
In the absence of an application-specific panic handler, &XercesCName; default panic handler is installed and used, which aborts program whenever a panic condition is encountered.
Certain applications wish to maintain precise control over memory allocation. This enables them to recover more easily from crashes of individual components, as well as to allocate memory more efficiently than a general-purpose OS-level procedure with no knowledge of the characteristics of the program making the requests for memory. In &XercesCName; this is supported via the Pluggable Memory Handler.
Users who wish to implement their own MemoryManager,
an interface found in xercesc/framework/MemoryManager.hpp,
need to implement only two methods:
To maximize the amount of flexibility that applications have in terms of controlling memory allocation, a MemoryManager instance may be set as part of the call to XMLPlatformUtils::Initialize() to allow for static initialization to be done with the given MemoryHandler; a (possibly different) MemoryManager may be passed in to the constructors of all Xerces parser objects as well, and all dynamic allocations within the parsers will make use of this object. Assuming that MyMemoryHandler is a class that implements the MemoryManager interface, here is a bit of pseudocode which illustrates these ideas:
If a user provides a MemoryManager object to the parser, then the user owns that object. It is also important to note that &XercesCName; default implementation simply uses the global new and delete operators.
The purpose of the SecurityManager class is to permit applications a means to have the parser reject documents whose processing would otherwise consume large amounts of system resources. Malicious use of such documents could be used to launch a denial-of-service attack against a system running the parser. Initially, the SecurityManager only knows about attacks that can result from exponential entity expansion; this is the only known attack that involves processing a single XML document. Other, similar attacks can be launched if arbitrary schemas may be parsed; there already exist means (via use of the EntityResolver interface) by which applications can deny processing of untrusted schemas. In future, the SecurityManager will be expanded to take these other exploits into account.
The SecurityManager class is very simple: It will contain getters and setters corresponding to each known variety of exploit. These will reflect limits that the application may impose on the parser with respect to the processing of various XML constructs. When an instance of SecurityManager is instantiated, default values for these limits will be provided that should suit most applications.
By default, &XercesCName; is a wholly conformant XML parser; that is, no security-related considerations will be observed by default. An application must provide an instance of the SecurityManager class to a parser in order to make that parser behave in a security-conscious manner. For example:
Note that SecurityManager instances may be set on all kinds of &XercesCName; parsers; please see the documentation for the individual parsers for details.
Note also that the application always owns the SecurityManager instance. The default SecurityManager that &XercesCName; provides is not thread-safe; although it only uses primitive operations at the moment, users may need to extend the class with a thread-safe implementation on some platforms.
For performance and modularity &XercesCName; provides a mechanism for specifying the scanner to be used when scanning an XML document. Such mechanism will enable the creation of special purpose scanners that can be easily plugged in.
&XercesCName; supports the following scanners:
The WFXMLScanner is a non-validating scanner which performs well-formedness check only. It does not do any DTD/XMLSchema processing. If the XML document contains a DOCTYPE, it will be silently ignored (i.e. no warning message is issued). Similarly, any schema specific attributes (e.g. schemaLocation), will be treated as normal element attributes. Setting grammar specific features/properties will have no effect on its behavior (e.g. setLoadExternalDTD(true) is ignored).
The DGXMLScanner handles XML documents with DOCTYPE information. It does not do any XMLSchema processing, which means that any schema specific attributes (e.g. schemaLocation), will be treated as normal element attributes. Setting schema grammar specific features/properties will have no effect on its behavior (e.g. setDoSchema(true) and setLoadSchema(true) are ignored).
The SGXMLScanner handles XML documents with XML schema grammar information. If the XML document contains a DOCTYPE, it will be ignored. Namespace and schema processing features are on by default, and setting them to off has not effect.
The IGXMLScanner is an integrated scanner and handles XML documents with DTD and/or XML schema grammar. This is the default scanner used by the various parsers if no scanner is specified.