search

sahaya / rest-assured

Automatically exported from code.google.com/p/rest-assured
0 stars 0 forks source link

Parsing XML that references a DTD that doesn't exist fails #237

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Have a service endpoint ("/legacy") return the following XML
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE LegacyService SYSTEM "http://example.com/dtd/NonExistent.dtd">
<LegacyService>
</LegacyService>

2. execute get("/legacy").xmlPath()

What is the expected output? What do you see instead?

Would expect that at this point I can continue working with the returned 
XmlPath. 

Instead the following exceptions occur

com.jayway.restassured.exception.ParsePathException: Failed to parse the XML 
document
    at com.jayway.restassured.path.xml.XmlPath$ExceptionCatcher.invoke(XmlPath.java:767)
    at com.jayway.restassured.path.xml.XmlPath.parseInputStream(XmlPath.java:713)
    at com.jayway.restassured.path.xml.XmlPath.<init>(XmlPath.java:195)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
    at org.codehaus.groovy.reflection.CachedConstructor.invoke(CachedConstructor.java:77)
    at org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrapNoCoerce.callConstructor(ConstructorSite.java:102)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor(CallSiteArray.java:54)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:182)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:194)
    at com.jayway.restassured.internal.RestAssuredResponseImpl.newXmlPath(RestAssuredResponseImpl.groovy:422)
    at com.jayway.restassured.internal.RestAssuredResponseImpl.this$2$newXmlPath(RestAssuredResponseImpl.groovy)
    at com.jayway.restassured.internal.RestAssuredResponseImpl$this$2$newXmlPath.callCurrent(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:46)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:133)
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:141)
    at com.jayway.restassured.internal.RestAssuredResponseImpl.xmlPath(RestAssuredResponseImpl.groovy:316)
    at bt.listener.it.BaseIT.validateApprovedResponse(BaseIT.java:50)
    at bt.listener.it.BaseIT.testSale(BaseIT.java:64)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
    at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
    at org.junit.runner.JUnitCore.run(JUnitCore.java:157)
    at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:77)
    at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:195)
    at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:63)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: java.io.FileNotFoundException: http://example.com/dtd/NonExistent.dtd
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1434)
    at java.net.URL.openStream(URL.java:1010)
    at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source)
    at org.apache.xerces.impl.XMLEntityManager.startEntity(Unknown Source)
    at org.apache.xerces.impl.XMLEntityManager.startDTDEntity(Unknown Source)
    at org.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(Unknown Source)
    at org.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.dispatch(Unknown Source)
    at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
    at org.apache.xerces.parsers.DTDConfiguration.parse(Unknown Source)
    at org.apache.xerces.parsers.DTDConfiguration.parse(Unknown Source)
    at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
    at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
    at groovy.util.XmlSlurper.parse(XmlSlurper.java:146)
    at groovy.util.XmlSlurper.parse(XmlSlurper.java:183)
    at com.jayway.restassured.path.xml.XmlPath$3.method(XmlPath.java:715)
    at com.jayway.restassured.path.xml.XmlPath$ExceptionCatcher.invoke(XmlPath.java:765)
    ... 47 more

I believe being able to set the following on the XmlSlurper would resolve this 
issue

def parser = new XmlSlurper() 
parser.setFeature("http://xml.org/sax/features/external-general-entities", 
false) 
parser.setFeature("http://xml.org/sax/features/external-parameter-entities", 
false) 

What version of the product are you using? On what operating system?

The attached maven project is using version 1.8.0 of Rest Assured. Has been 
tested on Windows 8.

Please provide any additional information below.

I've attached a minimal maven project that has a servlet that returns the above 
XML and uses Rest Assured version 1.8.0 to test it. Running the test causes the 
above exception.

Original issue reported on code.google.com by casey.du...@gmail.com on 14 May 2013 at 2:59

Attachments:

GoogleCodeExporter commented 9 years ago 
Thanks for the detailed description. 

Note to self: 
http://groovy.329449.n5.nabble.com/XmlParser-XmlSlurper-howto-disable-DTD-valida
tion-td353673.html

Original comment by johan.ha...@gmail.com on 15 May 2013 at 6:21

GoogleCodeExporter commented 9 years ago 
This is now fixed in master. You can configure the XmlPath using an 
XmlPathConfig where you've specified "disableLoadingOfExternalDtd". Please try 
it out by depending on version 1.8.1-SNAPSHOT after having added the following 
maven repo:

<repositories>
        <repository>
            <id>sonatype</id>
            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
            <snapshots />
        </repository>
</repositories>

Original comment by johan.ha...@gmail.com on 4 Jun 2013 at 7:18

GoogleCodeExporter commented 9 years ago

Original comment by johan.ha...@gmail.com on 4 Jun 2013 at 7:18