Module java.xml
Package javax.xml

Class XMLConstants

java.lang.Object
javax.xml.XMLConstants
public final class XMLConstants extends Object
Defines constants for XML Processing APIs.

External Access Properties

The value of the external access properties, including ACCESS_EXTERNAL_DTD, ACCESS_EXTERNAL_SCHEMA, and ACCESS_EXTERNAL_STYLESHEET, is defined as follows.

Value:

A list of protocols separated by comma. A protocol is the scheme portion of a URI, or in the case of the JAR protocol, "jar" plus the scheme portion separated by colon. A scheme is defined as:
scheme = alpha *( alpha | digit | "+" | "-" | "." )
where alpha = a-z and A-Z.

And the JAR protocol:
jar[:scheme]

Protocols including the keyword "jar" are case-insensitive. Any whitespaces as defined by Character.isSpaceChar(char) in the value will be ignored. Examples of protocols are file, http, jar:file.

Default value:

The default value is implementation specific and therefore not specified. The following options are provided for consideration:
  • an empty string to deny all access to external references;
  • a specific protocol, such as file, to give permission to only the protocol;
  • the keyword "all" to grant permission to all protocols.

When FEATURE_SECURE_PROCESSING is enabled, it is recommended that implementations restrict external connections by default, though this may cause problems for applications that process XML/XSD/XSL with external references.

Granting all access:

The keyword "all" grants permission to all protocols.

Property Precedence

Properties, including the External Access Properties and USE_CATALOG, can be specified through multiple configuration sources. They follow the configuration process as defined in the Configuration section of the module summary.
Since:
1.5
See Also:

  • Field Details

    • NULL_NS_URI

      public static final String NULL_NS_URI
      Namespace URI to use to represent that there is no Namespace.

      Defined by the Namespace specification to be "".

      See Also:

    • DEFAULT_NS_PREFIX

      public static final String DEFAULT_NS_PREFIX
      Prefix to use to represent the default XML Namespace.

      Defined by the XML specification to be "".

      See Also:

    • XML_NS_URI

      public static final String XML_NS_URI
      The official XML Namespace name URI.

      Defined by the XML specification to be "http://www.w3.org/XML/1998/namespace".

      See Also:

    • XML_NS_PREFIX

      public static final String XML_NS_PREFIX
      The official XML Namespace prefix.

      Defined by the XML specification to be "xml".

      See Also:

    • XMLNS_ATTRIBUTE_NS_URI

      public static final String XMLNS_ATTRIBUTE_NS_URI
      The official XML attribute used for specifying XML Namespace declarations, XMLConstants.XMLNS_ATTRIBUTE, Namespace name URI.

      Defined by the XML specification to be "http://www.w3.org/2000/xmlns/".

      See Also:

    • XMLNS_ATTRIBUTE

      public static final String XMLNS_ATTRIBUTE
      The official XML attribute used for specifying XML Namespace declarations.

      It is NOT valid to use as a prefix. Defined by the XML specification to be "xmlns".

      See Also:

    • W3C_XML_SCHEMA_NS_URI

      public static final String W3C_XML_SCHEMA_NS_URI
      W3C XML Schema Namespace URI.

      Defined to be "http://www.w3.org/2001/XMLSchema".

      See Also:

    • W3C_XML_SCHEMA_INSTANCE_NS_URI

      public static final String W3C_XML_SCHEMA_INSTANCE_NS_URI
      W3C XML Schema Instance Namespace URI.

      Defined to be "http://www.w3.org/2001/XMLSchema-instance".

      See Also:

    • W3C_XPATH_DATATYPE_NS_URI

      public static final String W3C_XPATH_DATATYPE_NS_URI
      W3C XPath Datatype Namespace URI.

      Defined to be "http://www.w3.org/2003/11/xpath-datatypes".

      See Also:

    • XML_DTD_NS_URI

      public static final String XML_DTD_NS_URI
      XML Document Type Declaration Namespace URI as an arbitrary value.

      Since not formally defined by any existing standard, arbitrarily define to be "http://www.w3.org/TR/REC-xml".

      See Also:

    • RELAXNG_NS_URI

      public static final String RELAXNG_NS_URI
      RELAX NG Namespace URI.

      Defined to be "http://relaxng.org/ns/structure/1.0".

      See Also:

    • FEATURE_SECURE_PROCESSING

      public static final String FEATURE_SECURE_PROCESSING
      Feature for secure processing.
      • true instructs the implementation to process XML securely. This may set limits on XML constructs to avoid conditions such as denial of service attacks.
      • false instructs the implementation to process XML in accordance with the XML specifications ignoring security issues such as limits on XML constructs to avoid conditions such as denial of service attacks.
      Implementation Note:
      when the Java Security Manager is present, the JDK sets the value of this feature to true and does not allow it to be turned off.
      See Also:

    • ACCESS_EXTERNAL_DTD

      public static final String ACCESS_EXTERNAL_DTD
      Property: accessExternalDTD

      Restrict access to external DTDs and external Entity References to the protocols specified. If access is denied due to the restriction of this property, a runtime exception that is specific to the context is thrown. In the case of SAXParser for example, SAXException is thrown.

      Value: as defined in the class description.

      System Property: javax.xml.accessExternalDTD.

      Configuration File: Yes. The property can be set in the configuration file.

      Since:
      1.7
      See Also:

    • ACCESS_EXTERNAL_SCHEMA

      public static final String ACCESS_EXTERNAL_SCHEMA

      Property: accessExternalSchema

      Restrict access to the protocols specified for external reference set by the schemaLocation attribute, Import and Include element. If access is denied due to the restriction of this property, a runtime exception that is specific to the context is thrown. In the case of SchemaFactory for example, org.xml.sax.SAXException is thrown.

      Value: as defined in the class description.

      System Property: javax.xml.accessExternalSchema

      Configuration File: Yes. The property can be set in the configuration file.

      Since:
      1.7
      See Also:

    • ACCESS_EXTERNAL_STYLESHEET

      public static final String ACCESS_EXTERNAL_STYLESHEET
      Property: accessExternalStylesheet

      Restrict access to the protocols specified for external references set by the stylesheet processing instruction, Import and Include element, and document function. If access is denied due to the restriction of this property, a runtime exception that is specific to the context is thrown. In the case of constructing new Transformer for example, TransformerConfigurationException will be thrown by the TransformerFactory.

      Value: as defined in the class description.

      System Property: javax.xml.accessExternalStylesheet

      Configuration File: Yes. The property can be set in the configuration file.

      Since:
      1.7
      See Also:

    • USE_CATALOG

      public static final String USE_CATALOG
      Feature: useCatalog

      Instructs XML processors to use XML Catalogs to resolve entity references. Catalogs may be set through JAXP factories, system properties, or configuration file by using the javax.xml.catalog.files property defined in CatalogFeatures. The following code enables Catalog on SAX parser: 

           SAXParserFactory spf = SAXParserFactory.newInstance();
     spf.setFeature(XMLConstants.USE_CATALOG, true);
     SAXParser parser = spf.newSAXParser();
     parser.setProperty(CatalogFeatures.Feature.FILES.getPropertyName(), "catalog.xml");

      Value: a boolean. If the value is true, and a catalog is set, the XML parser will resolve external references using CatalogResolver. If the value is false, XML Catalog is ignored even if one is set. The default value is true.

      System Property: javax.xml.useCatalog

      Configuration File: Yes. The property can be set in the configuration file.

      Since:
      9
      See Also: