You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

244 lines
12 KiB

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.9.1"/>
<title>Xerces-C++: SecurityManager Class Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td style="padding-left: 0.5em;">
<div id="projectname">Xerces-C++
&#160;<span id="projectnumber">3.1.2</span>
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.9.1 -->
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main&#160;Page</span></a></li>
<li><a href="pages.html"><span>Related&#160;Pages</span></a></li>
<li class="current"><a href="annotated.html"><span>Classes</span></a></li>
<li><a href="files.html"><span>Files</span></a></li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="annotated.html"><span>Class&#160;List</span></a></li>
<li><a href="classes.html"><span>Class&#160;Index</span></a></li>
<li><a href="hierarchy.html"><span>Class&#160;Hierarchy</span></a></li>
<li><a href="functions.html"><span>Class&#160;Members</span></a></li>
</ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#pub-types">Public Types</a> &#124;
<a href="#pro-attribs">Protected Attributes</a> &#124;
<a href="classSecurityManager-members.html">List of all members</a> </div>
<div class="headertitle">
<div class="title">SecurityManager Class Reference</div> </div>
</div><!--header-->
<div class="contents">
<p>Allow application to force the parser to behave in a security-conscious way.
<a href="classSecurityManager.html#details">More...</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-types"></a>
Public Types</h2></td></tr>
<tr class="memitem:a5925d3ee1f15fb4ef3109541586526a1"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom">{ <a class="el" href="classSecurityManager.html#a5925d3ee1f15fb4ef3109541586526a1a6dad0e3a441fd164f44fabc84a28bd12">ENTITY_EXPANSION_LIMIT</a> = 50000
}</td></tr>
<tr class="separator:a5925d3ee1f15fb4ef3109541586526a1"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pub-methods"></a>
Public Member Functions</h2></td></tr>
<tr><td colspan="2"><div class="groupHeader">default Constructors</div></td></tr>
<tr class="memitem:a47b3dd1601ff8a02a82c6dd1cd7ac47d"><td class="memItemLeft" align="right" valign="top">&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSecurityManager.html#a47b3dd1601ff8a02a82c6dd1cd7ac47d">SecurityManager</a> ()</td></tr>
<tr class="memdesc:a47b3dd1601ff8a02a82c6dd1cd7ac47d"><td class="mdescLeft">&#160;</td><td class="mdescRight">Default constructor. <a href="#a47b3dd1601ff8a02a82c6dd1cd7ac47d">More...</a><br /></td></tr>
<tr class="separator:a47b3dd1601ff8a02a82c6dd1cd7ac47d"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a0ef2e2147bba9659c3b64214b509f208"><td class="memItemLeft" align="right" valign="top">virtual&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSecurityManager.html#a0ef2e2147bba9659c3b64214b509f208">~SecurityManager</a> ()</td></tr>
<tr class="memdesc:a0ef2e2147bba9659c3b64214b509f208"><td class="mdescLeft">&#160;</td><td class="mdescRight">Destructor. <a href="#a0ef2e2147bba9659c3b64214b509f208">More...</a><br /></td></tr>
<tr class="separator:a0ef2e2147bba9659c3b64214b509f208"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr><td colspan="2"><div class="groupHeader">The Security Manager</div></td></tr>
<tr class="memitem:aa38733a32fdf624e5538728217d88f09"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSecurityManager.html#aa38733a32fdf624e5538728217d88f09">setEntityExpansionLimit</a> (<a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a> newLimit)</td></tr>
<tr class="memdesc:aa38733a32fdf624e5538728217d88f09"><td class="mdescLeft">&#160;</td><td class="mdescRight">An application should call this method when it wishes to specify a particular limit to the number of entity expansions the parser will permit in a particular document. <a href="#aa38733a32fdf624e5538728217d88f09">More...</a><br /></td></tr>
<tr class="separator:aa38733a32fdf624e5538728217d88f09"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ac59e3ac312b0baea093e0fb29c737df3"><td class="memItemLeft" align="right" valign="top">virtual <a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSecurityManager.html#ac59e3ac312b0baea093e0fb29c737df3">getEntityExpansionLimit</a> () const </td></tr>
<tr class="memdesc:ac59e3ac312b0baea093e0fb29c737df3"><td class="mdescLeft">&#160;</td><td class="mdescRight">Permits the application or a parser component to query the current limit for entity expansions. <a href="#ac59e3ac312b0baea093e0fb29c737df3">More...</a><br /></td></tr>
<tr class="separator:ac59e3ac312b0baea093e0fb29c737df3"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="pro-attribs"></a>
Protected Attributes</h2></td></tr>
<tr class="memitem:a1b3c11aab0d2ffdb7e707d124c91bf2e"><td class="memItemLeft" align="right" valign="top"><a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="classSecurityManager.html#a1b3c11aab0d2ffdb7e707d124c91bf2e">fEntityExpansionLimit</a></td></tr>
<tr class="separator:a1b3c11aab0d2ffdb7e707d124c91bf2e"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<div class="textblock"><p>Allow application to force the parser to behave in a security-conscious way. </p>
<p>There are cases in which an XML- or XmL-schema- conformant processor can be presented with documents the processing of which can involve the consumption of prohibitive amounts of system resources. Applications can attach instances of this class to parsers that they've created, via the <a href="http://apache.org/xml/properties/security-manager">http://apache.org/xml/properties/security-manager</a> property. </p>
<p>Defaults will be provided for all known security holes. Setter methods will be provided on this class to ensure that an application can customize each limit as it chooses. Components that are vulnerable to any given hole need to be written to act appropriately when an instance of this class has been set on the calling parser. </p>
</div><h2 class="groupheader">Member Enumeration Documentation</h2>
<a class="anchor" id="a5925d3ee1f15fb4ef3109541586526a1"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">anonymous enum</td>
</tr>
</table>
</div><div class="memdoc">
<table class="fieldtable">
<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a class="anchor" id="a5925d3ee1f15fb4ef3109541586526a1a6dad0e3a441fd164f44fabc84a28bd12"></a>ENTITY_EXPANSION_LIMIT&#160;</td><td class="fielddoc">
</td></tr>
</table>
</div>
</div>
<h2 class="groupheader">Constructor &amp; Destructor Documentation</h2>
<a class="anchor" id="a47b3dd1601ff8a02a82c6dd1cd7ac47d"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">SecurityManager::SecurityManager </td>
<td>(</td>
<td class="paramname"></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Default constructor. </p>
</div>
</div>
<a class="anchor" id="a0ef2e2147bba9659c3b64214b509f208"></a>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">virtual SecurityManager::~SecurityManager </td>
<td>(</td>
<td class="paramname"></td><td>)</td>
<td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">virtual</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p>Destructor. </p>
</div>
</div>
<h2 class="groupheader">Member Function Documentation</h2>
<a class="anchor" id="ac59e3ac312b0baea093e0fb29c737df3"></a>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">virtual <a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a> SecurityManager::getEntityExpansionLimit </td>
<td>(</td>
<td class="paramname"></td><td>)</td>
<td> const</td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">virtual</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p>Permits the application or a parser component to query the current limit for entity expansions. </p>
<dl class="section return"><dt>Returns</dt><dd>the current setting of the entity expansion limit </dd></dl>
</div>
</div>
<a class="anchor" id="aa38733a32fdf624e5538728217d88f09"></a>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">virtual void SecurityManager::setEntityExpansionLimit </td>
<td>(</td>
<td class="paramtype"><a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a>&#160;</td>
<td class="paramname"><em>newLimit</em></td><td>)</td>
<td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">virtual</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p>An application should call this method when it wishes to specify a particular limit to the number of entity expansions the parser will permit in a particular document. </p>
<p>The default behaviour should allow the parser to validate nearly all XML non-malicious XML documents; if an application knows that it is operating in a domain where entities are uncommon, for instance, it may wish to provide a limit lower than the parser's default.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">newLimit</td><td>the new entity expansion limit </td></tr>
</table>
</dd>
</dl>
</div>
</div>
<h2 class="groupheader">Member Data Documentation</h2>
<a class="anchor" id="a1b3c11aab0d2ffdb7e707d124c91bf2e"></a>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="Xerces__autoconf__config_8borland_8hpp.html#ac0f7e36996cd03eb43bcee10321f77cd">XMLSize_t</a> SecurityManager::fEntityExpansionLimit</td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">protected</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
</div>
</div>
<hr/>The documentation for this class was generated from the following file:<ul>
<li><a class="el" href="SecurityManager_8hpp_source.html">SecurityManager.hpp</a></li>
</ul>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated on Wed Mar 18 2015 10:43:38 for Xerces-C++ by &#160;<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/>
</a> 1.8.9.1
</small></address>
</body>
</html>