diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2017-06-23 11:58:29 +0200 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2017-06-23 11:58:29 +0200 |
commit | bbe653345bbb5dad2ed2356df6f817dd7de26528 (patch) | |
tree | 1dfb88505f1871e2816513676a03b58db2e00046 /bkucommon/src/site | |
parent | 0603c0fbdfe028113431c65590b6e7e28929f6f6 (diff) | |
download | mocca-bbe653345bbb5dad2ed2356df6f817dd7de26528.tar.gz mocca-bbe653345bbb5dad2ed2356df6f817dd7de26528.tar.bz2 mocca-bbe653345bbb5dad2ed2356df6f817dd7de26528.zip |
fix another possible XXE, SSRF problem.
INFO: DocTypes are disabled by default for all XML content that should be signed with mocca!!! Consequently, XML and XAdES signatures for XML documents that contains a DocType declaration is not possible any more.
If DocType declarations are absolutely necessary than this feature can be skipped by set the Java System-Property "-Degiz.mocca.xades.xml.allow.doctype=true"
Diffstat (limited to 'bkucommon/src/site')
0 files changed, 0 insertions, 0 deletions