Issue1268

The following patch prevents SAX from loading external DTDs. These
caused Jython to crash when parsing XML documents with Doctypes (such as
XHTML or SVG).

Included is a simple testcase that fails in the latest SVN versions.
Applying the patch fixes the error. The following error is displayed:

Traceback (most recent call last):
  File "test_parseString.py", line 6, in <module>
    xml = parseString(data)
  File "/Users/fdb/Java/jython-svn/dist/Lib/xml/dom/minidom.py", line
1933, in parseString
    return _do_pulldom_parse(pulldom.parseString, (string,),
  File "/Users/fdb/Java/jython-svn/dist/Lib/xml/dom/minidom.py", line
1908, in _do_pulldom_parse
    toktype, rootNode = events.getEvent()
  File "/Users/fdb/Java/jython-svn/dist/Lib/xml/dom/pulldom.py", line
275, in _slurp
    self.parser.parse(self.stream)
  File
"/Users/fdb/Java/jython-svn/dist/Lib/xml/sax/drivers2/drv_javasax.py",
line 143, in parse
    self._parser.parse(JyInputSourceWrapper(source))
  File
"/Users/fdb/Java/jython-svn/dist/Lib/xml/sax/drivers2/drv_javasax.py",
line 92, in resolveEntity
    return JyInputSourceWrapper(self._resolver.resolveEntity(pubId, sysId))
  File
"/Users/fdb/Java/jython-svn/dist/Lib/xml/sax/drivers2/drv_javasax.py",
line 77, in __init__
    if source.getByteStream():
AttributeError: 'unicode' object has no attribute 'getByteStream'

The original patch contained an oversight where the actual changed line
was commented out for testing purposes. The new patch fixes the problem.

I have come across the same bug when trying to actually use the external
DTD functionality. After attaching following line into my XML file:

<!DOCTYPE common SYSTEM "common.dtd">

I got the error mentioned by Frederik. Luckily there is an easy fix for
this issue. Following line in JyInputSourceWrapper needs to be changed from:
        if isinstance(source, str):
            javasax.InputSource.__init__(self, source)
to:
        if isinstance(source, str) or isinstance(source, unicode):
            javasax.InputSource.__init__(self, source)

After Lukasz Heldt fix i get (i dont get this on cpython):

java.io.FileNotFoundException: java.io.FileNotFoundException:
C:\sysdef_1_4_0.dtd (The system can
not find the file specified)

I added the patch and its ok do-not-load-external-dtds.patch.txt

Turning off DTD validation seems the cleanest solution and is conform
with the Python parsing API, which does not validate external DTDs.

Lukasz Heldt is right, the correct fix for this is to have JyInputSource check for unicode as well as ordinary str types.

Fix checked in at revision 7028.

However, the fix mentioned above gives rise to a consequent error, which is that any attempt to retrieve the actual DTD file from the w3.org web site for xhtml strict gives a HTTP 503 - Service Unavailable error.

The only way to solve that problem is to use set the "load-external-dtds" feature to False.

I'll see if I can find a simple way to make this easily configurable for the end user.