jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martijn Hendriks" <marti...@gx.nl>
Subject RE: Validation in QName class
Date Mon, 17 Sep 2007 09:44:34 GMT
Hi Stefan,

Performance is a good argument of course. For this particular problem,
however, I think that some check inside Jackrabbit is needed because the
whole repository may become unusable by one wrong QName. The
NodeTypeRegistry.validateNodeTypeDef method could be used for that. What
do you think about adding some checks for invalid QNames there?

Best regards,

Martijn

--

Martijn Hendriks
<GX> creative online development B.V.
 
t: 024 - 3888 261
f: 024 - 3888 621
e: martijnh@gx.nl
 
Wijchenseweg 111
6538 SW Nijmegen
http://www.gx.nl/  

> -----Original Message-----
> From: Stefan Guggisberg [mailto:stefan.guggisberg@gmail.com] 
> Sent: Monday, September 17, 2007 11:20 AM
> To: dev@jackrabbit.apache.org
> Subject: Re: Validation in QName class
> 
> On 9/17/07, Stefan Guggisberg <stefan.guggisberg@gmail.com> wrote:
> > hi martijn,
> >
> > On 9/17/07, Martijn Hendriks <martijnh@gx.nl> wrote:
> > > Hi all,
> > >
> > > The QName class does not do any validation on the syntax of the 
> > > local part. As a result, it is really easy to destroy your 
> > > repository by registration of a nodetype with, for instance, a 
> > > property with QName {http://myapp/a}local1:local2. The 
> > > NodeTypeRegistry only validates the prefix part on 
> registration. The 
> > > local part is validated when the custom_nodetypes.xml are 
> read in on 
> > > a subsequent startup which will fail because of the 
> invalid name... 
> > > (JR 1.3)
> > >
> > > The javadoc of the Qname constructor says explicitly that 
> the format 
> > > of the local part is not validated and that the NameFormat class 
> > > should be used. Imo it would be good to validate the 
> local part in 
> > > both the constructor and the valueOf method, or is there 
> a reason not to do this?
> >
> > QName's are only heavily used internally and assumed to be 
> > syntactically
> 
> erm, i meant: "heavily used and internally only"
> 
> > correct. validations are intentionally avoided for 
> performance reasons.
> >
> > cheers
> > stefan
> >
> > >
> > > Best wishes,
> > >
> > > Martijn
> > >
> > > --
> > >
> > > Martijn Hendriks
> > > <GX> creative online development B.V.
> > >
> > > t: 024 - 3888 261
> > > f: 024 - 3888 621
> > > e: martijnh@gx.nl
> > >
> > > Wijchenseweg 111
> > > 6538 SW Nijmegen
> > > http://www.gx.nl/
> > >
> >
> 

Mime
View raw message