You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/06/03 10:22:56 UTC
[cxf-build-utils] branch master updated: Disallow DocTypes in XML
files
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-build-utils.git
The following commit(s) were added to refs/heads/master by this push:
new 6f7d656 Disallow DocTypes in XML files
6f7d656 is described below
commit 6f7d6565cf576fb19b67134244a34c61624c37d2
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Jun 3 11:22:34 2020 +0100
Disallow DocTypes in XML files
---
.../cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
index 75b4bf2..5398e2b 100644
--- a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
+++ b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
@@ -211,6 +211,7 @@ public class XML2FastInfosetCompilerMojo extends AbstractMojo {
// Instantiate JAXP SAX parser factory
SAXParserFactory saxParserFactory = SAXParserFactory.newInstance();
saxParserFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+ saxParserFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
/*
* Set parser to be namespace aware Very important to do otherwise
* invalid FI documents will be created by the SAXDocumentSerializer