Mercurial > hg > openjdk > jdk8u > jdk

changeset 11427:84ed5919d06f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks Summary: Trigger xml digsig validation based on value of property org.jcp.xml.dsig.secureValidation Reviewed-by: mullan Contributed-by: bhanu.prakash.gopularam@oracle.com
author bgopularam
date Thu, 11 Feb 2016 00:47:07 -0800
parents 103329a57527
children 78def9711bfe
files src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java
diffstat 1 files changed, 3 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java	Tue Dec 29 10:40:43 2015 -0500
+++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMURIDereferencer.java	Thu Feb 11 00:47:07 2016 -0800
@@ -21,7 +21,7 @@
  * under the License.
  */
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * $Id: DOMURIDereferencer.java 1231033 2012-01-13 12:12:12Z coheigea $
@@ -111,7 +111,8 @@
         try {
             ResourceResolver apacheResolver =
                 ResourceResolver.getInstance(uriAttr, baseURI, secVal);
-            XMLSignatureInput in = apacheResolver.resolve(uriAttr, baseURI);
+            XMLSignatureInput in = apacheResolver.resolve(uriAttr,
+                                                          baseURI, secVal);
             if (in.isOctetStream()) {
                 return new ApacheOctetStreamData(in);
             } else {