This article shows how to convert a String to an XML document and an XML document back to a String in Java, using DOM parser and JDOM2 parser.
- 1. Convert String to XML (DOM Parser)
- 2. Convert String to XML (JDOM2 Parser)
- 3. Download Source Code
- 4. References
1. Convert String to XML (DOM Parser)
This example shows how to use a DOM parser to convert a String to an XML document and back to a String.
ConvertStringToXmlDom.java
package com.mkyong.xml.tips;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
// DOM Parser
public class ConvertStringToXmlDom {
final static String str = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
"<company>\n" +
" <staff id=\"1001\">\n" +
" <name>mkyong</name>\n" +
" <role>support</role>\n" +
" <salary currency=\"USD\">5000</salary>\n" +
" <!-- for special characters like < &, need CDATA -->\n" +
" <bio><![CDATA[HTML tag <code>testing</code>]]></bio>\n" +
" </staff>\n" +
" <staff id=\"1002\">\n" +
" <name>yflow</name>\n" +
" <role>admin</role>\n" +
" <salary currency=\"EUR\">8000</salary>\n" +
" <bio><![CDATA[a & b]]></bio>\n" +
" </staff>\n" +
"</company>";
public static void main(String[] args) {
// String to XML Document
Document document = convertStringToXml(str);
// XML Document to String
String xml = convertXmlToString(document);
System.out.println(xml);
}
private static String convertXmlToString(Document doc) {
DOMSource domSource = new DOMSource(doc);
StringWriter writer = new StringWriter();
StreamResult result = new StreamResult(writer);
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = null;
try {
transformer = tf.newTransformer();
transformer.transform(domSource, result);
} catch (TransformerException e) {
throw new RuntimeException(e);
}
return writer.toString();
}
private static Document convertStringToXml(String xmlString) {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
try {
// optional, but recommended
// process XML securely, avoid attacks like XML External Entities (XXE)
dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.parse(new InputSource(new StringReader(xmlString)));
return doc;
} catch (ParserConfigurationException | IOException | SAXException e) {
throw new RuntimeException(e);
}
}
}
Output
Terminal
<?xml version="1.0" encoding="utf-8" standalone="no"?><company>
<staff id="1001">
<name>mkyong</name>
<role>support</role>
<salary currency="USD">5000</salary>
<!-- for special characters like < &, need CDATA -->
<bio><![CDATA[HTML tag <code>testing</code>]]></bio>
</staff>
<staff id="1002">
<name>yflow</name>
<role>admin</role>
<salary currency="EUR">8000</salary>
<bio><![CDATA[a & b]]></bio>
</staff>
</company>
2. Convert String to XML (JDOM2 Parser)
This example shows how to use a JDOM2 parser to convert a String to an XML document and back to a String.
pom.xml
<dependency>
<groupId>org.jdom</groupId>
<artifactId>jdom2</artifactId>
<version>2.0.6</version>
</dependency>
ConvertStringToXmlJDom2.java
package com.mkyong.xml.tips;
import org.jdom2.Document;
import org.jdom2.JDOMException;
import org.jdom2.input.SAXBuilder;
import org.jdom2.output.Format;
import org.jdom2.output.XMLOutputter;
import javax.xml.XMLConstants;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
// JDOM2 Parser
public class ConvertStringToXmlJDom2 {
final static String str = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
"<company>\n" +
" <staff id=\"1001\">\n" +
" <name>mkyong</name>\n" +
" <role>support</role>\n" +
" <salary currency=\"USD\">5000</salary>\n" +
" <!-- for special characters like < &, need CDATA -->\n" +
" <bio><![CDATA[HTML tag <code>testing</code>]]></bio>\n" +
" </staff>\n" +
" <staff id=\"1002\">\n" +
" <name>yflow</name>\n" +
" <role>admin</role>\n" +
" <salary currency=\"EUR\">8000</salary>\n" +
" <bio><![CDATA[a & b]]></bio>\n" +
" </staff>\n" +
"</company>";
public static void main(String[] args) {
// String to XML Document
Document document = convertStringToXml(str);
// XML Document to String
String xml = convertXmlDocumentToString(document);
System.out.println(xml);
}
private static String convertXmlDocumentToString(Document doc) {
XMLOutputter xmlOutput = new XMLOutputter();
xmlOutput.setFormat(Format.getPrettyFormat());
StringWriter result = new StringWriter();
try {
xmlOutput.output(doc, result);
} catch (IOException e) {
throw new RuntimeException(e);
}
return result.toString();
}
private static Document convertStringToXml(String xmlString) {
SAXBuilder sax = new SAXBuilder();
// https://rules.sonarsource.com/java/RSPEC-2755
// prevent xxe
sax.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
sax.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
try {
Document doc = sax.build(new StringReader(xmlString));
return doc;
} catch (JDOMException | IOException e) {
throw new RuntimeException(e);
}
}
}
Output
Terminal
<?xml version="1.0" encoding="UTF-8"?>
<company>
<staff id="1001">
<name>mkyong</name>
<role>support</role>
<salary currency="USD">5000</salary>
<!-- for special characters like < &, need CDATA -->
<bio><![CDATA[HTML tag <code>testing</code>]]></bio>
</staff>
<staff id="1002">
<name>yflow</name>
<role>admin</role>
<salary currency="EUR">8000</salary>
<bio><![CDATA[a & b]]></bio>
</staff>
</company>
3. Download Source Code
$ git clone https://github.com/mkyong/core-java
$ cd java-xml
$ cd src/main/java/com/mkyong/xml/tips/
private static String formatXML(String unformattedXml) {
try {
Document document = parseXmlFile(unformattedXml);
TransformerFactory transformerFactory = TransformerFactory.newInstance();
transformerFactory.setAttribute(“indent-number”, 3);
//IR157 starts security fix
transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, “”);
transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, “”);
//IR157 ends
Transformer transformer = transformerFactory.newTransformer();
transformer.setOutputProperty(OutputKeys.INDENT, “yes”);
DOMSource source = new DOMSource(document);
StreamResult xmlOutput = new StreamResult(new StringWriter());
transformer.transform(source, xmlOutput);
return xmlOutput.getWriter().toString();
} catch (TransformerException e) {
throw new RuntimeException(e);
}
}
this code is giving me Improper restriction to XXE ref, can you please help
This is a good article