Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TMDM-15182 Improper Restriction of XML External Entity Reference #1420

Merged
merged 6 commits into from Dec 14, 2021

Conversation

hw-zhu
Copy link
Contributor

@hw-zhu hw-zhu commented Nov 11, 2021

https://jira.talendforge.org/browse/TMDM-15182
What is the current behavior? (You should also link to an open issue here)
Improper Restriction of XML External Entity Reference in kind of project

What is the new behavior?
Improper Restriction of XML External Entity Reference in kind of project

Please check if the PR fulfills these requirements

  • The commit message follows Talend standard
  • Tests for the changes have been added (for bug fixes / features)
  • Docs have been added / updated (for bug fixes / features) ?

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Build / CI related changes
  • Other... Please describe:

Does this PR introduce a breaking change?

  • Yes
  • No

If this PR contains a breaking change, please describe the impact and migration path for existing applications: ...

Other information:

@hw-zhu hw-zhu force-pushed the workitem/8.0/TMDM-15182 branch 11 times, most recently from ad6038d to a7e8f59 Compare November 12, 2021 09:11
htyin
htyin previously approved these changes Dec 14, 2021
saxonTransformerFactory.setAttribute("http://saxon.sf.net/feature/version-warning", Boolean.FALSE);
saxonTransformerFactory.setAttribute("http://saxon.sf.net/feature/allow-external-functions", Boolean.FALSE);
saxonTransformerFactory.setAttribute("http://saxon.sf.net/feature/trace-external-functions", Boolean.FALSE);
// saxonTransformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove the commented code

DocumentBuilder documentBuilder = factory.newDocumentBuilder();
// DocumentBuilder documentBuilder = MDMXMLUtils.getDocumentBuilder().get();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could remove

DocumentBuilder documentBuilder = factory.newDocumentBuilder();
// DocumentBuilder documentBuilder = MDMXMLUtils.getDocumentBuilder().get();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could remove

@@ -339,7 +340,8 @@ public long putDocumentFromString(String xmlString, String uniqueID, String clus
throws XmlServerException {
try {
InputSource source = new InputSource(new StringReader(xmlString));
Document document = DOCUMENT_BUILDER_FACTORY.newDocumentBuilder().parse(source);
//Document document = DOCUMENT_BUILDER_FACTORY.newDocumentBuilder().parse(source);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could remove

DocumentBuilder documentBuilder = factory.newDocumentBuilder();
// DocumentBuilder documentBuilder = MDMXMLUtils.getDocumentBuilder().get();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could remove

@hw-zhu hw-zhu merged commit 31d442b into master Dec 14, 2021
@hw-zhu hw-zhu deleted the workitem/8.0/TMDM-15182 branch December 14, 2021 06:36
hw-zhu added a commit that referenced this pull request Dec 14, 2021
* TMDM-15182 Improper Restriction of XML External Entity Reference
htyin pushed a commit that referenced this pull request Dec 17, 2021
* TMDM-15182 Improper Restriction of XML External Entity Reference
hw-zhu added a commit that referenced this pull request Feb 18, 2022
* TMDM-15182 Improper Restriction of XML External Entity Reference
hw-zhu added a commit that referenced this pull request Feb 18, 2022
* TMDM-15182 Improper Restriction of XML External Entity Reference
hw-zhu added a commit that referenced this pull request Feb 18, 2022
* TMDM-15182 Improper Restriction of XML External Entity Reference
hw-zhu added a commit that referenced this pull request Feb 22, 2022
…) (#1433)

* TMDM-15182 Improper Restriction of XML External Entity Reference
hw-zhu added a commit that referenced this pull request Feb 23, 2022
…) (#1451)

* TMDM-15182 Improper Restriction of XML External Entity Reference
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants