01: /*
02:
03: Licensed to the Apache Software Foundation (ASF) under one or more
04: contributor license agreements. See the NOTICE file distributed with
05: this work for additional information regarding copyright ownership.
06: The ASF licenses this file to You under the Apache License, Version 2.0
07: (the "License"); you may not use this file except in compliance with
08: the License. You may obtain a copy of the License at
09:
10: http://www.apache.org/licenses/LICENSE-2.0
11:
12: Unless required by applicable law or agreed to in writing, software
13: distributed under the License is distributed on an "AS IS" BASIS,
14: WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15: See the License for the specific language governing permissions and
16: limitations under the License.
17:
18: */
19: package org.apache.batik.bridge;
20:
21: import org.apache.batik.util.ParsedURL;
22:
23: /**
24: * This implementation of the <tt>ExternalResourceSecurity</tt> interface only
25: * allows external resources embeded in the document, i.e., externalResources
26: * embeded with the data protocol.
27: *
28: * @author <a href="mailto:vhardy@apache.org">Vincent Hardy</a>
29: * @version $Id: EmbededExternalResourceSecurity.java 475477 2006-11-15 22:44:28Z cam $
30: */
31: public class EmbededExternalResourceSecurity implements
32: ExternalResourceSecurity {
33: public static final String DATA_PROTOCOL = "data";
34:
35: /**
36: * Message when trying to load a external resource that is not embeded
37: * in the document.
38: */
39: public static final String ERROR_EXTERNAL_RESOURCE_NOT_EMBEDED = "EmbededExternalResourceSecurity.error.external.esource.not.embeded";
40:
41: /**
42: * The exception is built in the constructor and thrown if
43: * not null and the checkLoadExternalResource method is called.
44: */
45: protected SecurityException se;
46:
47: /**
48: * Controls whether the externalResource should be loaded or not.
49: *
50: * @throws SecurityException if the externalResource should not be loaded.
51: */
52: public void checkLoadExternalResource() {
53: if (se != null) {
54: throw se;
55: }
56: }
57:
58: /**
59: * @param externalResourceURL url for the externalResource, as defined in
60: * the externalResource's xlink:href attribute. If that
61: * attribute was empty, then this parameter should
62: * be null
63: */
64: public EmbededExternalResourceSecurity(ParsedURL externalResourceURL) {
65: if (externalResourceURL == null
66: || !DATA_PROTOCOL.equals(externalResourceURL
67: .getProtocol())) {
68: se = new SecurityException(Messages.formatMessage(
69: ERROR_EXTERNAL_RESOURCE_NOT_EMBEDED,
70: new Object[] { externalResourceURL }));
71:
72: }
73: }
74: }
|