The Java Tutorials have been written for JDK 8.Java教程是为JDK 8编写的。Examples and practices described in this page don't take advantage of improvements introduced in later releases and might use technology no longer available.本页中描述的示例和实践没有利用后续版本中引入的改进,并且可能使用不再可用的技术。See Java Language Changes for a summary of updated language features in Java SE 9 and subsequent releases.有关Java SE 9及其后续版本中更新的语言特性的摘要,请参阅Java语言更改。
See JDK Release Notes for information about new features, enhancements, and removed or deprecated options for all JDK releases.有关所有JDK版本的新功能、增强功能以及已删除或不推荐的选项的信息,请参阅JDK发行说明。
The JAXP secure-processing feature places resource limits on XML processors in order to counter certain type of denial-of-service attacks. It does not, however, limit the means by which external resources may be fetched, which is also useful when attempting to process XML documents securely. The current JAXP implementation supports implementation-specific properties that can be used to enforce such restrictions, but there is a need for a standard way to do so.
JAXP 1.5 adds three new properties along with their corresponding System Properties to allow users to specify the type of external connections that can or can not be permitted. The property values are a list of protocols. The JAXP processors check if a given external connection is allowed by matching the protocol with those in the list. Processors will attempt to establish the connection if it is on the list, or reject it if not.
JAXP 1.5 has been integrated into 7u40 and JDK8.