Force use of Saxon for XSLT transformation

ISAITB · Feb 17, 2025 · f9a7944 · f9a7944
1 parent 889ce55
commit f9a7944
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/validation-commons/pom.xml b/validation-commons/pom.xml
@@ -55,6 +55,10 @@
             <groupId>com.googlecode.owasp-java-html-sanitizer</groupId>
             <artifactId>owasp-java-html-sanitizer</artifactId>
         </dependency>
+        <dependency>
+            <groupId>net.sf.saxon</groupId>
+            <artifactId>Saxon-HE</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>

diff --git a/validation-commons/src/main/java/eu/europa/ec/itb/validation/commons/Utils.java b/validation-commons/src/main/java/eu/europa/ec/itb/validation/commons/Utils.java
@@ -10,6 +10,7 @@
 import jakarta.xml.bind.JAXBElement;
 import jakarta.xml.bind.JAXBException;
 import jakarta.xml.bind.Unmarshaller;
+import net.sf.saxon.TransformerFactoryImpl;
 import org.owasp.html.HtmlPolicyBuilder;
 import org.owasp.html.PolicyFactory;
 import org.w3c.dom.Document;
@@ -101,7 +102,7 @@ public static Transformer secureTransformer() {
      * @return The factory to use.
      */
     public static TransformerFactory secureTransformerFactory() {
-        TransformerFactory transformerFactory = TransformerFactory.newInstance();
+        TransformerFactory transformerFactory = TransformerFactoryImpl.newInstance();
         transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
         transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
         return transformerFactory;