diff --git a/src/SAML2/HTTPPost.php b/src/SAML2/HTTPPost.php
index 1d8c0f65f..9b6449019 100644
--- a/src/SAML2/HTTPPost.php
+++ b/src/SAML2/HTTPPost.php
@@ -90,10 +90,7 @@ public function receive(ServerRequestInterface $request): AbstractMessage
         }
 
         $msgStr = base64_decode($msgStr);
-
-        $xml = new DOMDocument();
-        $xml->loadXML($msgStr);
-        $msgStr = $xml->saveXML();
+        $msgStr = DOMDocumentFactory::fromString($msgStr)->saveXML();
 
         $document = DOMDocumentFactory::fromString($msgStr);
         Utils::getContainer()->debugMessage($document->documentElement, 'in');
diff --git a/src/SAML2/XML/md/ContactPerson.php b/src/SAML2/XML/md/ContactPerson.php
index 783f34945..e1027b3cc 100644
--- a/src/SAML2/XML/md/ContactPerson.php
+++ b/src/SAML2/XML/md/ContactPerson.php
@@ -266,7 +266,7 @@ public static function fromArray(array $data): static
             $name = array_key_first($attribute);
             $value = $attribute[$name];
 
-            $doc = new DOMDocument();
+            $doc = new DOMDocument('1.0', 'UTF-8');
             $elt = $doc->createElement("placeholder");
             $elt->setAttributeNS($ns, $name, $value);
 
diff --git a/tests/SAML2/Response/SignatureValidationTest.php b/tests/SAML2/Response/SignatureValidationTest.php
index ae8fe71c9..24bb835c3 100644
--- a/tests/SAML2/Response/SignatureValidationTest.php
+++ b/tests/SAML2/Response/SignatureValidationTest.php
@@ -4,7 +4,6 @@
 
 namespace SimpleSAML\Test\SAML2\Response;
 
-use DOMDocument;
 use Mockery;
 use Mockery\MockInterface;
 use Mockery\Adapter\Phpunit\MockeryTestCase;
@@ -185,8 +184,9 @@ public function testThatAnUnsignedResponseWithNoSignedAssertionsThrowsAnExceptio
      */
     private function getSignedResponseWithUnsignedAssertion(): Response
     {
-        $doc = new DOMDocument();
-        $doc->load(__DIR__ . '../../../resources/xml/response/signedresponse_with_unsignedassertion.xml');
+        $doc = DOMDocumentFactory::fromFile(
+            dirname(__DIR__, 2) . '/resources/xml/response/signedresponse_with_unsignedassertion.xml',
+        );
 
         return Response::fromXML($doc->documentElement);
     }
@@ -197,8 +197,9 @@ private function getSignedResponseWithUnsignedAssertion(): Response
      */
     private function getUnsignedResponseWithSignedAssertion(): Response
     {
-        $doc = new DOMDocument();
-        $doc->load(__DIR__ . '../../../resources/xml/response/unsignedresponse_with_signedassertion.xml');
+        $doc = DOMDocumentFactory::fromFile(
+            dirname(__DIR__, 2) . '/resources/xml/response/unsignedresponse_with_signedassertion.xml',
+        );
 
         return Response::fromXML($doc->documentElement);
     }
@@ -209,8 +210,9 @@ private function getUnsignedResponseWithSignedAssertion(): Response
      */
     private function getSignedResponseWithSignedAssertion(): Response
     {
-        $doc = new DOMDocument();
-        $doc->load(__DIR__ . '../../../resources/xml/response/signedresponse_with_signedassertion.xml');
+        $doc = DOMDocumentFactory::fromFile(
+            dirname(__DIR__, 2) . '/resources/xml/response/signedresponse_with_signedassertion.xml',
+        );
 
         return Response::fromXML($doc->documentElement);
     }
@@ -221,8 +223,9 @@ private function getSignedResponseWithSignedAssertion(): Response
      */
     private function getUnsignedResponseWithUnsignedAssertion(): Response
     {
-        $doc = new DOMDocument();
-        $doc->load(__DIR__ . '../../../resources/xml/samlp_Response.xml');
+        $doc = DOMDocumentFactory::fromFile(
+            dirname(__DIR__, 2) . '/resources/xml/samlp_Response.xml',
+        );
 
         return Response::fromXML($doc->documentElement);
     }
diff --git a/tests/SAML2/XML/ecp/ResponseTest.php b/tests/SAML2/XML/ecp/ResponseTest.php
index c9ad9dae0..d22b3d8fb 100644
--- a/tests/SAML2/XML/ecp/ResponseTest.php
+++ b/tests/SAML2/XML/ecp/ResponseTest.php
@@ -62,7 +62,7 @@ public function testMarshalling(): void
      */
     public function testToXMLResponseAppended(): void
     {
-        $doc = new DOMDocument();
+        $doc = new DOMDocument('1.0', 'UTF-8');
         $element = $doc->createElement('Foobar');
 
         $response = new Response('https://example.com/ACS');
diff --git a/tests/SAML2/XML/samlp/AbstractMessageTest.php b/tests/SAML2/XML/samlp/AbstractMessageTest.php
index b993eb4ec..2f5c67578 100644
--- a/tests/SAML2/XML/samlp/AbstractMessageTest.php
+++ b/tests/SAML2/XML/samlp/AbstractMessageTest.php
@@ -4,7 +4,6 @@
 
 namespace SimpleSAML\Test\SAML2\XML\samlp;
 
-use DOMDocument;
 use DOMElement;
 use Exception;
 use Mockery\Adapter\Phpunit\MockeryTestCase;
@@ -29,6 +28,8 @@
 use SimpleSAML\XMLSecurity\XML\ds\Signature;
 use SimpleSAML\XMLSecurity\XMLSecurityKey;
 
+use function dirname;
+
 /**
  * @covers \SimpleSAML\SAML2\XML\samlp\AbstractMessage
  * @covers \SimpleSAML\SAML2\XML\samlp\AbstractSamlpElement
@@ -41,8 +42,7 @@ final class AbstractMessageTest extends MockeryTestCase
      */
     public function testCorrectSignatureMethodCanBeExtractedFromAuthnRequest(): void
     {
-        $authnRequest = new DOMDocument();
-        $authnRequest->loadXML(<<<'AUTHNREQUEST'
+        $authnRequest = DOMDocumentFactory::fromString(<<<AUTHNREQUEST
 <samlp:AuthnRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
@@ -85,8 +85,7 @@ public function testCorrectSignatureMethodCanBeExtractedFromAuthnRequest(): void
      */
     public function testIssuerParsedAsNameID(): void
     {
-        $authnRequest = new DOMDocument();
-        $authnRequest->loadXML(<<<AUTHNREQUEST
+        $authnRequest = DOMDocumentFactory::fromString(<<<AUTHNREQUEST
 <samlp:AuthnRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
@@ -172,8 +171,9 @@ public function testConvertIssuerToXML(): void
      */
     public function testCorrectSignatureMethodCanBeExtractedFromResponse(): void
     {
-        $response = new DOMDocument();
-        $response->load(__DIR__ . '../../../../resources/xml/samlp_Response.xml');
+        $response = DOMDocumentFactory::fromFile(
+            dirname(__DIR__, 3) . '/resources/xml/samlp_Response.xml',
+        );
 
         $signer = (new SignatureAlgorithmFactory())->getAlgorithm(
             C::SIG_RSA_SHA256,
@@ -199,8 +199,7 @@ public function testCorrectSignatureMethodCanBeExtractedFromResponse(): void
      */
     public function testGetExtensions(): void
     {
-        $authnRequest = new DOMDocument();
-        $authnRequest->loadXML(<<<'AUTHNREQUEST'
+        $authnRequest = DOMDocumentFactory::fromString(<<<AUTHNREQUEST
 <samlp:AuthnRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
diff --git a/tests/SAML2/XML/samlp/AbstractStatusResponseTest.php b/tests/SAML2/XML/samlp/AbstractStatusResponseTest.php
index 56fdc7e9c..e3e3eca67 100644
--- a/tests/SAML2/XML/samlp/AbstractStatusResponseTest.php
+++ b/tests/SAML2/XML/samlp/AbstractStatusResponseTest.php
@@ -4,7 +4,6 @@
 
 namespace SimpleSAML\Test\SAML2\XML\samlp;
 
-use DOMDocument;
 use PHPUnit\Framework\TestCase;
 use SimpleSAML\SAML2\Constants as C;
 use SimpleSAML\SAML2\Utils\XPath;
@@ -243,8 +242,7 @@ public function testResponseTo(): void
 
         $responseElement = $response->toXML();
 
-        $expectedStructureDocument = new DOMDocument();
-        $expectedStructureDocument->loadXML(<<<STATUSXML
+        $expectedStructureDocument = DOMDocumentFactory::fromString(<<<STATUSXML
 <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                 ID="123"