Skip to content
Permalink
Browse files
Merge pull request #4 from coheigea/FELIX-6235
FELIX-6235 - Disallow DTDs when reading OBR repository files
  • Loading branch information
gnodet committed May 26, 2020
2 parents 47e32d0 + fd56b8f commit 72a5c8dcf800ca67b78910b154eeb6ec0fd50880
Showing 2 changed files with 4 additions and 0 deletions.
@@ -195,6 +195,8 @@ private DocumentBuilder initConstructor() throws MojoExecutionException
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
try
{
factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
constructor = factory.newDocumentBuilder();
}
catch ( ParserConfigurationException e )
@@ -365,6 +365,8 @@ private DocumentBuilder initConstructor() throws MojoExecutionException
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
try
{
factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
constructor = factory.newDocumentBuilder();
}
catch ( ParserConfigurationException e )

0 comments on commit 72a5c8d

Please sign in to comment.