Hi all,
If the web.xml containing fully qualified URL, jetty by default tries to resolve it, even if validation is set to false.
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
This prevents local jetty for staring programatically if the machine is not connected to the internet, or is behind a proxy server.
The relevant code in org.eclipse.jetty.xml.XmlParser
There are few ways to disable that, either by:
2- Override XmlParser.resolveEntity() to return empty InputSource.
3- Possibility to create new XmlParser from WebDescriptor.
However, those options are not possible with the current jetty code, and we ended up overriding protected WebDescriptor._parserSingleton.
Is there a possibility to have a configuration parameter for disabling entity resolution?
Below are related code snippets
Thanks,
Ahmed
-----------------------------------
Minimal test case that shows the error, run this from a machine without internet connection or it is behind a proxy.
XmlParser parser = new XmlParser(false);
// to have <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
parser.parse(new File("web.xml"));
-----------------------------------
Nasty workaround:
final Field field = WebDescriptor.class.getDeclaredField("_parserSingleton");
field.setAccessible(true);
field.set(null, new XmlParser(false) {
@Override
protected InputSource resolveEntity(final String pid, final String sid) {
return new InputSource(new StringReader(""));
}
});
-----------------------------------
