X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=PolicyEngineUtils%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fpolicy%2Futils%2FPolicyUtils.java;h=e17ddc6819db51cba04b19b2c4e212b95fd30194;hb=d6c76c07e016ef7dd3bf26ea945f1a3c736de412;hp=51409b6f796653d2263ee08c9382d0afe24fe36a;hpb=2e138a7997326fcf47c7d1be230dab24a4ca8cd1;p=policy%2Fengine.git

diff --git a/PolicyEngineUtils/src/main/java/org/onap/policy/utils/PolicyUtils.java b/PolicyEngineUtils/src/main/java/org/onap/policy/utils/PolicyUtils.java
index 51409b6f7..e17ddc681 100644
--- a/PolicyEngineUtils/src/main/java/org/onap/policy/utils/PolicyUtils.java
+++ b/PolicyEngineUtils/src/main/java/org/onap/policy/utils/PolicyUtils.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * PolicyEngineUtils
  * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,6 +31,7 @@ import java.util.StringTokenizer;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;
 
@@ -53,12 +54,12 @@ import com.google.gson.JsonSyntaxException;
 
 public class PolicyUtils {
     private static final Logger LOGGER = FlexLogger.getLogger(PolicyUtils.class);
-    
+    public static final String CATCH_EXCEPTION = "PE500: An exception was caught.";  
     public static final String EMAIL_PATTERN =
             "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@"
             + "[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
     private static final String PACKAGE_ERROR = "mismatched input '{' expecting one of the following tokens: '[package";
-    private static final String SUCCESS = "success";
+    public static final String SUCCESS = "success";
     
     private PolicyUtils(){
         // Private Constructor
@@ -114,7 +115,7 @@ public class PolicyUtils {
     public static String[] decodeBasicEncoding(String encodedValue) throws UnsupportedEncodingException {
         if(encodedValue!=null && encodedValue.contains("Basic ")){
             String encodedUserPassword = encodedValue.replaceFirst("Basic"  + " ", "");
-            String usernameAndPassword = null;
+            String usernameAndPassword;
             byte[] decodedBytes = Base64.getDecoder().decode(encodedUserPassword);
             usernameAndPassword = new String(decodedBytes, "UTF-8");
             StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
@@ -194,7 +195,9 @@ public class PolicyUtils {
             return false;
         }
         for (char c : number.toCharArray()){
-            if (!Character.isDigit(c)) return false;
+            if (!Character.isDigit(c)) {
+            	return false;
+            }
         }
         return true;
     }
@@ -276,10 +279,15 @@ public class PolicyUtils {
      * @return
      */
     public static boolean isXMLValid(String data) {
+    	if(data == null || data.isEmpty()){
+        	return false;
+        }
         SAXParserFactory factory = SAXParserFactory.newInstance();
         factory.setValidating(false);
         factory.setNamespaceAware(true);
-        try {
+        
+        try {    
+			factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);		
             SAXParser parser = factory.newSAXParser();
             XMLReader reader = parser.getXMLReader();
             reader.setErrorHandler(new XMLErrorHandler());