com.sun.org.apache.xml.internal.serialize.XMLSerializer

Here are the examples of the java api class com.sun.org.apache.xml.internal.serialize.XMLSerializer taken from open source projects.

1. BlazeDsXmlProcessingXXEVulnerability#testVulnerability()

Project: flex-blazeds
File: BlazeDsXmlProcessingXXEVulnerability.java
public void testVulnerability() throws Exception {
    int secret = (int) (Math.random() * 1000);
    // Create a temp file containing a secret.
    File temp = File.createTempFile("xxe-test", ".txt");
    PrintWriter out = new PrintWriter(temp);
    out.println(Integer.toString(secret));
    out.close();
    String uri = temp.toURI().toASCIIString();
    StringBuffer xml = new StringBuffer(512);
    xml.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n");
    xml.append("<!DOCTYPE foo [\r\n");
    xml.append("<!ELEMENT foo ANY >\r\n");
    xml.append("<!ENTITY xxe SYSTEM \"" + uri + "\" >]>\r\n");
    xml.append("<foo>The Secret is: &xxe;</foo>");
    Document data = XMLUtil.stringToDocument(xml.toString());
    OutputFormat format = new OutputFormat(data);
    StringWriter stringOut = new StringWriter();
    XMLSerializer serial = new XMLSerializer(stringOut, format);
    serial.serialize(data);
    Assert.assertFalse(stringOut.toString().contains("The Secret is: " + Integer.toString(secret)));
}

2. XmlUtils#formatXml()

Project: Doradus
File: XmlUtils.java
public static String formatXml(String xmlText, String prefix) throws Exception {
    if (xmlText == null)
        return xmlText;
    Document doc = parseXml(xmlText);
    OutputFormat format = new OutputFormat(doc);
    format.setLineWidth(120);
    format.setIndenting(true);
    format.setIndent(4);
    Writer out = new StringWriter();
    XMLSerializer serializer = new XMLSerializer(out, format);
    serializer.serialize(doc);
    xmlText = StringUtils.trim(out.toString(), " \r\n");
    if (xmlText.startsWith("<?xml")) {
        int ind = xmlText.indexOf("?>");
        if (ind > 1) {
            xmlText = xmlText.substring(ind + 2);
            xmlText = StringUtils.trim(xmlText, " \r\n");
        }
    }
    return StringUtils.formatText(xmlText, prefix);
}