private final Enigma2HttpClient enigma2HttpClient;
private final DocumentBuilderFactory factory;
- public Enigma2Client(String host, @Nullable String user, @Nullable String password, int requestTimeout)
- throws ParserConfigurationException {
+ public Enigma2Client(String host, @Nullable String user, @Nullable String password, int requestTimeout) {
enigma2HttpClient = new Enigma2HttpClient(requestTimeout);
factory = DocumentBuilderFactory.newInstance();
// see https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
- factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
- factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
- factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
- factory.setXIncludeAware(false);
- factory.setExpandEntityReferences(false);
+ try {
+ factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+ factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
+ factory.setXIncludeAware(false);
+ factory.setExpandEntityReferences(false);
+ } catch (ParserConfigurationException e) {
+ logger.warn("Failed setting parser features against XXE attacks!", e);
+ }
if (StringUtils.isNotEmpty(user) && StringUtils.isNotEmpty(password)) {
this.host = "http://" + user + ":" + password + "@" + host;
} else {
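Review bot: The new `catch (ParserConfigurationException e)` fails open. If the first `setFeature` call is rejected by the JAXP implementation, the remaining two feature flags, `setXIncludeAware(false)` and `setExpandEntityReferences(false)` are all skipped. The constructor then keeps a `DocumentBuilderFactory` with external entity resolution at its defaults, and the only trace is a warning in the log. `setXIncludeAware` and `setExpandEntityReferences` do not throw `ParserConfigurationException`, so they can move above the `try` and always apply. The catch should refuse to continue rather than log, for example `throw new IllegalStateException("XML parser cannot be hardened against XXE", e);`, since this factory presumably parses responses fetched from the device over plain `http://`. The constructor body continues outside the hunk, so whether the factory is used before any further check is not visible here.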