aboutsummaryrefslogtreecommitdiff
path: root/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-04-08 07:50:20 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-04-08 07:50:20 +0200
commit50c500dd107d88988cbee8207c91a16b321d6136 (patch)
tree6abd06e3f126866534e155e40c2f7e933b5357d3 /common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
parentec62813f4c0e8b3002d46f7bc315e7a27d720125 (diff)
parent41882a0c5601dda478c2749ac99c2087b864c912 (diff)
downloadmoa-id-spss-50c500dd107d88988cbee8207c91a16b321d6136.tar.gz
moa-id-spss-50c500dd107d88988cbee8207c91a16b321d6136.tar.bz2
moa-id-spss-50c500dd107d88988cbee8207c91a16b321d6136.zip
Merge tag 'MOA-ID-3.1.0' into development_preview
JoinUp Release
Diffstat (limited to 'common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java')
-rw-r--r--common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java4
1 files changed, 4 insertions, 0 deletions
diff --git a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
index 2b816ed4c..0a07fc4a7 100644
--- a/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
+++ b/common/src/main/java/at/gv/egovernment/moa/util/DOMUtils.java
@@ -246,6 +246,10 @@ public class DOMUtils {
parser.setFeature(CREATE_ENTITY_REF_NODES_FEATURE, false);
parser.setFeature(EXTERNAL_GENERAL_ENTITIES_FEATURE, false);
parser.setFeature(EXTERNAL_PARAMETER_ENTITIES_FEATURE, false);
+
+ //fix XXE problem
+ parser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+
if (validating) {
if (externalSchemaLocations != null) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 03:47:44 +0000