001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.xslcontent.util;
016    
017    import com.liferay.portal.kernel.io.unsync.UnsyncByteArrayOutputStream;
018    import com.liferay.portal.kernel.util.HttpUtil;
019    import com.liferay.portal.util.PropsValues;
020    
021    import java.io.ByteArrayInputStream;
022    
023    import java.net.URL;
024    
025    import javax.xml.XMLConstants;
026    import javax.xml.parsers.DocumentBuilder;
027    import javax.xml.parsers.DocumentBuilderFactory;
028    import javax.xml.transform.Source;
029    import javax.xml.transform.Transformer;
030    import javax.xml.transform.TransformerConfigurationException;
031    import javax.xml.transform.TransformerFactory;
032    import javax.xml.transform.dom.DOMSource;
033    import javax.xml.transform.stream.StreamResult;
034    
035    import org.w3c.dom.Document;
036    
037    /**
038     * @author Brian Wing Shun Chan
039     * @author Samuel Kong
040     */
041    public class XSLContentUtil {
042    
043            public static final String DEFAULT_XML_URL =
044                    "@portal_url@/html/portlet/xsl_content/example.xml";
045    
046            public static final String DEFAULT_XSL_URL =
047                    "@portal_url@/html/portlet/xsl_content/example.xsl";
048    
049            public static String transform(URL xmlUrl, URL xslUrl) throws Exception {
050                    DocumentBuilderFactory documentBuilderFactory =
051                            DocumentBuilderFactory.newInstance();
052    
053                    documentBuilderFactory.setFeature(
054                            "http://apache.org/xml/features/disallow-doctype-decl",
055                            PropsValues.XSL_CONTENT_XML_DOCTYPE_DECLARATION_ALLOWED);
056                    documentBuilderFactory.setFeature(
057                            "http://xml.org/sax/features/external-general-entities",
058                            PropsValues.XSL_CONTENT_XML_EXTERNAL_GENERAL_ENTITIES_ALLOWED);
059                    documentBuilderFactory.setFeature(
060                            "http://xml.org/sax/features/external-parameter-entities",
061                            PropsValues.XSL_CONTENT_XML_EXTERNAL_PARAMETER_ENTITIES_ALLOWED);
062    
063                    documentBuilderFactory.setNamespaceAware(true);
064    
065                    DocumentBuilder documentBuilder =
066                            documentBuilderFactory.newDocumentBuilder();
067    
068                    TransformerFactory transformerFactory =
069                            TransformerFactory.newInstance();
070    
071                    try {
072                            transformerFactory.setFeature(
073                                    XMLConstants.FEATURE_SECURE_PROCESSING,
074                                    PropsValues.XSL_CONTENT_XSL_SECURE_PROCESSING_ENABLED);
075                    }
076                    catch (TransformerConfigurationException tce) {
077                    }
078    
079                    Transformer transformer = transformerFactory.newTransformer(
080                            getXslSource(documentBuilder, xslUrl));
081    
082                    UnsyncByteArrayOutputStream unsyncByteArrayOutputStream =
083                            new UnsyncByteArrayOutputStream();
084    
085                    transformer.transform(
086                            getXmlSource(documentBuilder, xmlUrl),
087                            new StreamResult(unsyncByteArrayOutputStream));
088    
089                    return unsyncByteArrayOutputStream.toString();
090            }
091    
092            protected static Source getXmlSource(
093                            DocumentBuilder documentBuilder, URL xmlUrl)
094                    throws Exception {
095    
096                    String xml = HttpUtil.URLtoString(xmlUrl);
097    
098                    Document xmlDocument = documentBuilder.parse(
099                            new ByteArrayInputStream(xml.getBytes()));
100    
101                    return new DOMSource(xmlDocument);
102            }
103    
104            protected static Source getXslSource(
105                            DocumentBuilder documentBuilder, URL xslUrl)
106                    throws Exception {
107    
108                    String xsl = HttpUtil.URLtoString(xslUrl);
109    
110                    Document xslDocument = documentBuilder.parse(
111                            new ByteArrayInputStream(xsl.getBytes()));
112    
113                    return new DOMSource(xslDocument);
114            }
115    
116    }