You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/11/19 18:32:00 UTC
[jira] [Created] (NIFI-9399) Apply Secure Processing to TransformXml XSLT Sources
David Handermann created NIFI-9399:
--------------------------------------
Summary: Apply Secure Processing to TransformXml XSLT Sources
Key: NIFI-9399
URL: https://issues.apache.org/jira/browse/NIFI-9399
Project: Apache NiFi
Issue Type: Improvement
Components: Extensions, Security
Reporter: David Handermann
Assignee: David Handermann
The {{TransformXml}} processor supports Secure Processing as of NiFi 1.3.0, which prevents external access attempts using XML entity references. The {{Secure Processing}} property applies to input FlowFiles, but does not apply to the XSLT source that the processor uses during transformation. {{TransformXml}} should be updated to apply Secure Processing to XSLT sources.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)