Mercurial > hg > openjdk > jdk8u > jdk
changeset 11427:84ed5919d06f
8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks
Summary: Trigger xml digsig validation based on value of property org.jcp.xml.dsig.secureValidation
Reviewed-by: mullan
Contributed-by: bhanu.prakash.gopularam@oracle.com
author | bgopularam |
---|---|
date | Thu, 11 Feb 2016 00:47:07 -0800 |
parents | 103329a57527 |
children | 78def9711bfe |
files | src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java |
diffstat | 1 files changed, 3 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java Tue Dec 29 10:40:43 2015 -0500 +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java Thu Feb 11 00:47:07 2016 -0800 @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMURIDereferencer.java 1231033 2012-01-13 12:12:12Z coheigea $ @@ -111,7 +111,8 @@ try { ResourceResolver apacheResolver = ResourceResolver.getInstance(uriAttr, baseURI, secVal); - XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI); + XMLSignatureInput in = apacheResolver.resolve(uriAttr, + baseURI, secVal); if (in.isOctetStream()) { return new ApacheOctetStreamData(in); } else {