-
Bug
-
Resolution: Fixed
-
Normal
-
10.0.0.FL
-
None
-
Security Level: Jimmy
-
None
Steps to Reproduce
Add DOCTYPE xml declaration to zk.xml causes the SAX parser to refuse to parse the file
<!DOCTYPE xml>
Current Result
LOGS : 2024-01-18 11:20:27,917 [main] ERROR org.zkoss.zk.ui.http.WebManager - Unable to load /WEB-INF/zk.xml
org.xml.sax.SAXParseException: DOCTYPE is disallowed when the feature http://apache.org/xml/features/disallow-doctype-decl set to true.
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:204) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:178) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1465) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:898) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:605) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:114) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:542) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:889) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:825) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1224) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:637) ~[na:na]
at java.xml/com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(SAXParserImpl.java:326) ~[na:na]
at java.xml/javax.xml.parsers.SAXParser.parse(SAXParser.java:276) ~[na:na]
at org.zkoss.idom.input.SAXBuilder.build(SAXBuilder.java:342) ~[zcommon-10.0.0.FL.20240110-Eval.jar:10.0.0.FL.20240110]
at org.zkoss.zk.ui.sys.ConfigParser.parse(ConfigParser.java:277) ~[zk-10.0.0.FL.20240110-Eval.jar:10.0.0.FL.20240110]
at org.zkoss.zk.ui.http.WebManager.<init>(WebManager.java:181) ~[zk-10.0.0.FL.20240110-Eval.jar:10.0.0.FL.20240110]
at org.zkoss.zk.ui.http.WebManager.<init>(WebManager.java:112) ~[zk-10.0.0.FL.20240110-Eval.jar:10.0.0.FL.20240110]
at org.zkoss.zk.ui.http.HttpSessionListener23.contextInitialized(HttpSessionListener23.java:141) ~[zk-10.0.0.FL.20240110-Eval.jar:10.0.0.FL.20240110]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4462) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:4914) ~[catalina.jar:9.0.82]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:171) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1332) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1322) ~[catalina.jar:9.0.82]
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) ~[na:na]
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-util.jar:9.0.82]
at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:866) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:794) ~[catalina.jar:9.0.82]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:171) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1332) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1322) ~[catalina.jar:9.0.82]
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) ~[na:na]
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-util.jar:9.0.82]
at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:866) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:248) ~[catalina.jar:9.0.82]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:171) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:433) ~[catalina.jar:9.0.82]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:171) ~[catalina.jar:9.0.82]
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:921) ~[catalina.jar:9.0.82]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:171) ~[catalina.jar:9.0.82]
at org.apache.catalina.startup.Catalina.start(Catalina.java:772) ~[catalina.jar:9.0.82]
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:580) ~[na:na]
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347) ~[bootstrap.jar:9.0.82]
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478) ~[bootstrap.jar:9.0.82]
Expected Result
No error OR declared as on-purpose restriction
Debug Information
Caused by setting which explicitly disallow DOCTYPE in parsed files
https://xerces.apache.org/xerces2-j/features.html#disallow-doctype-decl
https://github.com/zkoss/zk/commit/8a94e3e730d1486348115e87892d26ec560f9d25
Workaround
remove DOCTYPE declaration from xml files