Bug #5938
closed
Trying to compile XSLT from file after setting set_configuration_property('http://saxon.sf.net/feature/allowedProtocols', 'http,https') gives java.lang.NullPointerException
100%
Description
I am used to setting the processor to only allow http and https as the allowed protocols if I tend to deploy Saxon with Java or .NET or Python to a server; the intent (which worked fine for me so far) is to disallow user code in XSLT/XPath/XQuery to access the file system with e.g. the doc, collection, unparsed-text, json-doc functions.
However, with SaxonC HE 12.1, that approach now gives me a NullPointerException when simply trying to compile some XSLT (from file):
from saxonche import *

with PySaxonProcessor(license=False) as proc:
    print(proc.version)
    # Allow only http and https URIs to be dereferenced
    proc.set_configuration_property('http://saxon.sf.net/feature/allowedProtocols', 'http,https')

    xslt30_processor = proc.new_xslt30_processor()

    xslt30_executable = xslt30_processor.compile_stylesheet(stylesheet_file='pipeline-for-svrl.xsl.SaxonEE12CompiledForHE.sef')
Output:
SaxonC-HE 12.1 from Saxonica
Traceback (most recent call last):
File "C:\Users\marti\PycharmProjects\SaxonHEC12ProtocolRestrictionTest1\XSLTCompilationTest1.py", line 10, in <module>
xslt30_executable = xslt30_processor.compile_stylesheet(stylesheet_file='pipeline-for-svrl.xsl.SaxonEE12CompiledForHE.sef')
File "python_saxon\saxonc.pyx", line 1150, in saxonche.PyXslt30Processor.compile_stylesheet
RuntimeError: NullPointer exception found: java.lang.NullPointerException
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$2(ProtocolRestrictor.java:55)
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$3(ProtocolRestrictor.java:60)
at net.sf.saxon.lib.ProtocolRestrictor.test(ProtocolRestrictor.java:70)
at net.sf.saxon.lib.DirectResourceResolver.resolve(DirectResourceResolver.java:58)
at net.sf.saxon.lib.ResourceRequest.resolve(ResourceRequest.java:130)
at net.sf.saxon.option.cpp.SaxonCAPI.resolveFileToSource(SaxonCAPI.java:1186)
at net.sf.saxon.option.cpp.Xslt30Processor.compileFromFile(Xslt30Processor.java:318)
. Line number: -1
I guess the NullPointerException is a bug in any case; I don't know whether subjecting the XSLT compilation to protocol restrictions is intended. I don't think this happened in 12.0.
For what it's worth, I tried some similar Java code with Saxon HE 12.1:
Processor processor = new Processor(false);
processor.setConfigurationProperty(Feature.ALLOWED_PROTOCOLS, "http,https");
XsltCompiler xsltCompiler = processor.newXsltCompiler();
XsltExecutable xsltExecutable = xsltCompiler.compile(new File("pipeline-for-svrl.xsl.SaxonEE12CompiledForHE.sef"));
and there I don't get any error or protocol exceptions.
Updated by Martin Honnen over 1 year ago
Even if I set e.g. proc.set_configuration_property('http://saxon.sf.net/feature/allowedProtocols', 'file,http,https'), I get the NullPointerException.
Updated by O'Neil Delpratt over 1 year ago
Do you have a repo that you can add to this issue please or send via email?
Updated by Martin Honnen over 1 year ago
- File saxon-compile-xslt-with-prot-restr1.py added
- File identity1.xsl added
The relevant Python code is in the issue already; while it shows a particular XSLT, I don't think that matters, so any XSLT will trigger the null pointer exception. I will attach two files that give the exception.
SaxonC-HE 12.1 from Saxonica
Traceback (most recent call last):
File "/home/mh/saxon-compile-xslt-with-prot-restr1.py", line 10, in <module>
xslt30_executable = xslt30_processor.compile_stylesheet(stylesheet_file='identity1.xsl')
File "python_saxon/saxonc.pyx", line 1150, in saxonche.PyXslt30Processor.compile_stylesheet
saxonche.PySaxonApiError: NullPointer exception found: java.lang.NullPointerException
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$2(ProtocolRestrictor.java:55)
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$3(ProtocolRestrictor.java:60)
at net.sf.saxon.lib.ProtocolRestrictor.test(ProtocolRestrictor.java:70)
at net.sf.saxon.lib.DirectResourceResolver.resolve(DirectResourceResolver.java:58)
at net.sf.saxon.lib.ResourceRequest.resolve(ResourceRequest.java:130)
at net.sf.saxon.option.cpp.SaxonCAPI.resolveFileToSource(SaxonCAPI.java:1186)
at net.sf.saxon.option.cpp.Xslt30Processor.compileFromFile(Xslt30Processor.java:318)
. Line number: -1
Updated by O'Neil Delpratt over 1 year ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
Thanks. I have managed to reproduce it and patched a fix in the SaxonCAPI class.
Running the python script again gives the following error:
saxoncee.PySaxonApiError: URIs using protocol file are not permitted. Line number: -1
Updated by Martin Honnen over 1 year ago
O'Neil Delpratt wrote in #note-4:
> Thanks. I have managed to reproduce it and patched a fix in the SaxonCAPI class.
> Running the python script again gives the following error:
> saxoncee.PySaxonApiError: URIs using protocol file are not permitted. Line number: -1
Is that the intended behaviour with SaxonC 12 and the Python API and the setting processor.setConfigurationProperty(Feature.ALLOWED_PROTOCOLS, "http,https");?
For Java https://www.saxonica.com/html/documentation12/javadoc/net/sf/saxon/lib/Feature.html#ALLOWED_PROTOCOLS I am used to having the setting (http,https) block XSLT file access from XSLT code for e.g. xsl:import or xsl:include or doc, unparsed-text, collection, uri-collection, json-doc but certainly not for my Java code trying to compile an XSLT stylesheet with the Java API.
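The distinction described in the comment above (the allowlist governs URIs that stylesheet code dereferences, not the stylesheet file the host application compiles) as a small Python model. This is an added example, not Saxon's ProtocolRestrictor or code from the issue; all function names are hypothetical, and only the property value format and the error wording are taken from this page.

```python
from pathlib import Path
from urllib.parse import urljoin, urlsplit


class ProtocolNotPermitted(Exception):
    """Raised when stylesheet code asks for a URI outside the allowlist."""


def parse_allowed(value):
    # Same comma-separated form as the property value on this page: 'http,https'.
    return {p.strip().lower() for p in value.split(",") if p.strip()}


def host_stylesheet_uri(path):
    # Trusted entry point (hypothetical): the host application chose this path
    # itself, so it becomes a base URI without consulting the allowlist.
    return Path(path).resolve().as_uri()


def check_stylesheet_uri(href, base_uri, allowed):
    # Untrusted entry point (hypothetical): href comes from xsl:import,
    # xsl:include, doc(), unparsed-text(), collection() or json-doc().
    absolute = urljoin(base_uri or "", href)
    scheme = urlsplit(absolute).scheme  # '' when nothing supplied a scheme
    if not scheme:
        # Fail closed with a clear error rather than using a missing scheme.
        raise ProtocolNotPermitted(f"cannot determine protocol of {href!r}")
    if scheme not in allowed:
        raise ProtocolNotPermitted(f"URIs using protocol {scheme} are not permitted")
    return absolute


def audit(hrefs, base_uri, allowed):
    # One verdict per request, so a deployment test can assert on the policy.
    verdicts = {}
    for href in hrefs:
        try:
            check_stylesheet_uri(href, base_uri, allowed)
            verdicts[href] = "allowed"
        except ProtocolNotPermitted as exc:
            verdicts[href] = f"blocked: {exc}"
    return verdicts


if __name__ == "__main__":
    allowed = parse_allowed("http,https")
    base = host_stylesheet_uri("identity1.xsl")  # compiled by host code
    # Constructed requests a stylesheet might make once it is running.
    requests = ["https://example.org/data.xml", "data.xml", "file:///srv/app/config.xml"]
    for href, verdict in audit(requests, base, allowed).items():
        print(f"{href:32} {verdict}")
```

A relative reference such as data.xml inherits the file scheme from a locally compiled stylesheet's base URI, so it is blocked even though the reference itself names no protocol.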
Updated by O'Neil Delpratt over 1 year ago
- Status changed from Resolved to In Progress
Due to how we resolve files before compiling them this rule is being applied. This is an interesting problem that I will have to investigate further and decide what the best thing is to do.
Updated by O'Neil Delpratt over 1 year ago
- Status changed from In Progress to Resolved
I have added a further fix to do what Java does. I have put back in the fallback mechanism which creates a Source object from a File.
Updated by Martin Honnen over 1 year ago
Even with the current, intermediate 12.2 Windows build, I continue to get a NullPointerException:
SaxonC-HE 12.2 from Saxonica
Traceback (most recent call last):
File "C:\Users\marti\PycharmProjects\SaxonCHE122ProtResCompileXslTest\compile-with-prot-restr1.py", line 10, in <module>
xslt30_executable = xslt30_processor.compile_stylesheet(stylesheet_file='identity1.xsl')
File "python_saxon\saxonc.pyx", line 1157, in saxonche.PyXslt30Processor.compile_stylesheet
if isinstance(value, str):
saxonche.PySaxonApiError: NullPointer exception found: java.lang.NullPointerException
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$2(ProtocolRestrictor.java:55)
at net.sf.saxon.lib.ProtocolRestrictor.lambda$new$3(ProtocolRestrictor.java:60)
at net.sf.saxon.lib.ProtocolRestrictor.test(ProtocolRestrictor.java:70)
at net.sf.saxon.lib.DirectResourceResolver.resolve(DirectResourceResolver.java:58)
at net.sf.saxon.lib.ResourceRequest.resolve(ResourceRequest.java:130)
at net.sf.saxon.option.cpp.SaxonCAPI.resolveFileToSource(SaxonCAPI.java:1211)
at net.sf.saxon.option.cpp.Xslt30Processor.compileFromFile(Xslt30Processor.java:318)
. Line number: -1
Process finished with exit code 1
Updated by O'Neil Delpratt over 1 year ago
- Status changed from Resolved to In Progress
Updated by O'Neil Delpratt over 1 year ago
- Status changed from In Progress to Resolved
I have added a patch in the SaxonCAPI.java file to use the fallback mechanism. Similar to comment #7 but to also catch the NullPointerException.
Updated by O'Neil Delpratt over 1 year ago
- Status changed from Resolved to Closed
- Fixed in version set to 12.2
Bug fix applied in the SaxonC 12.2 maintenance release.