📜 Implement encoding handling in XML requests (#12)

* 📜 Implement encoding handling in XML requests

* Fix XML encoding marker

* Fix XML encoding marker²

* 🛠️ Handle invalid charset encoding in XMLRequestExtractor

Author: coreequip

Dockerfile

@@ -1,15 +1,10 @@
-# Verwenden Sie ein schlankes OpenJDK-Basisimage
 FROM eclipse-temurin:21-alpine
 
-# Setze das Arbeitsverzeichnis
 WORKDIR /app
 
-# Kopiere die JAR-Datei und das Datenverzeichnis in das Image
 COPY build/libs/xrviz.jar /app/xrviz.jar
 COPY data /app/data
 
-# Exponieren Sie die relevanten Ports (optional, falls Ihr daemon auf bestimmten ports hört)
 EXPOSE 4000
 
-# Startbefehl für das JAR
 CMD ["java", "-jar", "/app/xrviz.jar"]

build.gradle

@@ -15,8 +15,9 @@ repositories {
 }
 
 dependencies {
-    implementation 'net.sf.saxon:Saxon-HE:12.4'
+    implementation 'net.sf.saxon:Saxon-HE:12.5'
     implementation 'org.apache.xmlgraphics:fop:2.9'
+    implementation 'com.googlecode.juniversalchardet:juniversalchardet:1.0.3'
 }
 
 jar {
@@ -49,7 +50,7 @@ tasks.register('buildDockerImage', Exec) {
 
 wrapper {
     distributionType = Wrapper.DistributionType.BIN
-    gradleVersion = '8.7'
+    gradleVersion = '8.10.1'
 }
 
 tasks.register('createVersionBadge') {
@@ -61,3 +62,22 @@ tasks.register('createVersionBadge') {
         outputFile.text = inputFile.text.replaceAll('\\$VERS\\$', currentVersion)
     }
 }
+
+tasks.register('getLatestGradleVersion') {
+    doLast {
+        def responseText = project.resources.text.fromUri('https://api.github.com/repos/gradle/gradle/releases').asString()
+        def latestStableVersion = (responseText =~ /"tag_name"\s*:\s*"v(\d+\.\d+(?:\.\d+)?)"[^}]+"draft"\s*:\s*(false)[^}]+"prerelease"\s*:\s*(false)/)
+                .findAll().first()[1]
+
+        if (latestStableVersion) {
+            if (latestStableVersion == gradle.gradleVersion) {
+                println "You are up to date ($latestStableVersion)."
+            } else {
+                println "Latest stable Gradle version is: $latestStableVersion (in use: ${gradle.gradleVersion})" +
+                        "\n\nGet it with: ./gradlew wrapper --gradle-version=$latestStableVersion"
+            }
+        } else {
+            println "Could not determine the latest stable Gradle version."
+        }
+    }
+}

gradle.properties

@@ -1,2 +1,2 @@
-currentVersion=0.1.7
+currentVersion=0.1.9
 mainClassName=io.github.easybill.xrviz.App

gradle/wrapper/gradle-wrapper.jar

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

gradle/wrapper/gradle-wrapper.properties

@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
+' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum

gradlew

@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################

gradlew.bat

@@ -85,8 +85,10 @@ public static String getVersion() {
     }
 
     public static void showBanner() {
-        try {
-            logger.info("\n" + (new String(Config.class.getResourceAsStream("/banner.txt").readAllBytes())));
+        try (InputStream inputStream = Config.class.getResourceAsStream("/banner.txt")) {
+            if (inputStream != null) {
+                logger.info("\n" + new String(inputStream.readAllBytes()));
+            }
         } catch (IOException ignored) {
         }
         logger.info("XRechnung Visualizer v" + getVersion());

src/main/java/io/github/easybill/xrviz/Config.java

@@ -1,6 +1,5 @@
 package io.github.easybill.xrviz;
 
-import net.sf.saxon.regex.RegularExpression;
 import org.apache.fop.apps.FOPException;
 import org.apache.fop.apps.Fop;
 import org.apache.fop.apps.FopFactory;

src/main/java/io/github/easybill/xrviz/XmlHelper.java

@@ -2,7 +2,6 @@
 
 import com.sun.net.httpserver.HttpExchange;
 import com.sun.net.httpserver.HttpHandler;
-import io.github.easybill.xrviz.XmlHelper;
 import io.github.easybill.xrviz.XslTransformer;
 
 import javax.xml.transform.TransformerException;
@@ -20,9 +19,7 @@ public void handle(HttpExchange exchange) throws IOException {
                 return;
             }
 
-            var xmlContent = XmlHelper.removeBOM(xml.get());
-
-            byte[] response = XslTransformer.transformToHtml(xmlContent, getLanguage(exchange)).getBytes(StandardCharsets.UTF_8);
+            byte[] response = XslTransformer.transformToHtml(xml.get(), getLanguage(exchange)).getBytes(StandardCharsets.UTF_8);
 
             exchange.getResponseHeaders().set("Content-Type", "text/html");
             exchange.sendResponseHeaders(200, response.length);

src/main/java/io/github/easybill/xrviz/XslTransformer.java

@@ -2,10 +2,8 @@
 
 import com.sun.net.httpserver.HttpExchange;
 import com.sun.net.httpserver.HttpHandler;
-import io.github.easybill.xrviz.XmlHelper;
 import io.github.easybill.xrviz.XslTransformer;
 import org.apache.fop.apps.FOPException;
-import org.apache.fop.render.txt.Helper;
 
 import javax.xml.transform.TransformerException;
 import java.io.IOException;
@@ -21,9 +19,7 @@ public void handle(HttpExchange exchange) throws IOException {
                 return;
             }
 
-            var xmlContent = XmlHelper.removeBOM(xml.get());
-
-            byte[] response = XslTransformer.transformToPdf(xmlContent, getLanguage(exchange));
+            byte[] response = XslTransformer.transformToPdf(xml.get(), getLanguage(exchange));
 
             exchange.getResponseHeaders().set("Content-Type", "application/pdf");
             exchange.sendResponseHeaders(200, response.length);

src/main/java/io/github/easybill/xrviz/handler/HtmlHandler.java

@@ -1,9 +1,11 @@
 package io.github.easybill.xrviz.handler;
 
 import com.sun.net.httpserver.HttpExchange;
+import org.mozilla.universalchardet.UniversalDetector;
 
 import java.io.IOException;
 import java.net.HttpURLConnection;
+import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.util.Optional;
 import java.util.logging.Logger;
@@ -21,7 +23,30 @@ Optional<String> validate(HttpExchange exchange) throws IOException {
             return Optional.empty();
         }
 
-        String xml = new String(exchange.getRequestBody().readAllBytes(), StandardCharsets.UTF_8);
+        byte[] requestBody = exchange.getRequestBody().readAllBytes();
+
+        // detect encoding
+        UniversalDetector detector = new UniversalDetector(null);
+        detector.handleData(requestBody, 0, requestBody.length);
+        detector.dataEnd();
+        String encoding = detector.getDetectedCharset();
+        detector.reset();
+
+        Charset charset = null;
+        try {
+            charset = (encoding != null) ? Charset.forName(encoding) : StandardCharsets.UTF_8;
+        } catch (IllegalArgumentException e) {
+            logger.severe("Invalid charset: " + encoding);
+            exchange.sendResponseHeaders(HttpURLConnection.HTTP_BAD_REQUEST, -1);
+            return Optional.empty();
+        }
+
+        String xml = new String(requestBody, charset);
+
+        // Remove BOM if present
+        if (xml.startsWith("\uFEFF") || xml.startsWith("\uFFFE")) {
+            xml = xml.substring(1);
+        }
 
         if (!isXMLValid(xml)) {
             logger.severe("Invalid XML content!");