santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael McIntosh <mike...@us.ibm.com>
Subject Re: What is XMLUtils::addReturnToElement for?
Date Wed, 04 Apr 2007 21:58:47 GMT
Perhaps I was not clear. I know I can change the code. But due to 
constraints imposed by other organizations I cannot easily redistribute 
the changed code or binaries produced from it. I'd prefer that this code 
be changed in the Apache source. In the Java source there is currently no 
way to make these '\n's optional. The function looks like:

   public static void addReturnToElement(Element e) {
      Document doc = e.getOwnerDocument();
      e.appendChild(doc.createTextNode("\n"));
   }

and calls to it are not protected by any if statements. On my system I've 
replaced it with this:

   public static void addReturnToElement(Element e) {
      if (null == 
System.getProperty("org.apache.xml.security.util.XMLUtils.ignoreAddReturnToElement")) 
{
         Document doc = e.getOwnerDocument();
         e.appendChild(doc.createTextNode("\n"));
      }
   }

I suspect there is a more efficient way that is more consistent with 
similar things in the XML Security project, but I'm not familiar enough 
with the code. Perhaps someone that is familiar code could recommend how 
this should be done, and even better could commit the change. Another 
responder suggested not changing the function behavior, but since it is 
called in so many places (66 times in 17 files) that would require too 
many changes.

Thanks,
Mike

raul.benito.garcia@gmail.com wrote on 04/04/2007 05:01:35 PM:

> I think, you can change the code as much as you want. 
> But there is some feature to make this return optionals. The only 
> place where the standard force it are in the Base64 representation 
> of the digest and signature value, that must be split at 80 chars 
> (apache xmlsec does not have any problem with this, but perhaps 
> other implementations relay on this) 
> 
> Regards,
> 
> Raul
> 

> On 4/4/07, Michael McIntosh <mikemci@us.ibm.com> wrote:
> I was refering to the Java version - but my notation has betrayed my C++
> roots ;-)
> 
> raul.benito.garcia@gmail.com wrote on 04/04/2007 03:31:49 PM:
> 
> > Hi Mike, 
> > With your notation I think you are referring to C++ version. Don't 
you?
> 
> > On 4/4/07, Michael McIntosh < mikemci@us.ibm.com> wrote:
> > I know what XMLUtils::addReturnToElement does, by why do it? 
> > I acknowledge that adding the occasional line to an XML document makes
> it
> > more readable in certain circumstances, but I'd really like to be able
> to
> > turn it off.
> > Actually I'd like to leave it alone, but a system I need to 
interoperate 
> 
> > with cannot accept Signatures with whitespaces in certain places.
> > No need to tell me its should be allowed - I know - but I cannot 
change
> > their code.
> > I have a fix - which is to change the source code for the funciton to 
> turn
> > it into a no-op when a system property is set, but I'd like to not 
need
> to
> > redistribute my modified Apache source code.
> >
> > Thanks,
> > Mike
> >
> > Michael McIntosh 
> > Java and Web Services Security Group
> > Security, Privacy, and Extensible Technologies Department
> > IBM Research
> >
> >
> >
> > --
> > http://r-bg.com 
> 
> 
> 
> -- 
> http://r-bg.com 

Mime
View raw message