You are viewing a plain text version of this content. The canonical link for it is here.

Posted to batik-commits@xmlgraphics.apache.org by ss...@apache.org on 2016/05/09 08:34:17 UTC

svn commit: r1742892 - /xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java

Author: ssteiner
Date: Mon May  9 08:34:17 2016
New Revision: 1742892

URL: http://svn.apache.org/viewvc?rev=1742892&view=rev
Log:
BATIK-1139: DTD resolution validation

Modified:
    xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java

Modified: xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java
URL: http://svn.apache.org/viewvc/xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java?rev=1742892&r1=1742891&r2=1742892&view=diff
==============================================================================
--- xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java (original)
+++ xmlgraphics/batik/trunk/batik-dom/src/main/java/org/apache/batik/dom/util/SAXDocumentFactory.java Mon May  9 08:34:17 2016
@@ -444,6 +444,8 @@ public class SAXDocumentFactory
                               true);
             parser.setFeature("http://xml.org/sax/features/validation",
                               isValidating);
+            parser.setFeature("http://xml.org/sax/features/external-general-entities", false);
+            parser.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
             parser.setProperty("http://xml.org/sax/properties/lexical-handler",
                                this);
             parser.parse(is);