You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/11/19 18:32:00 UTC

[jira] [Created] (NIFI-9399) Apply Secure Processing to TransformXml XSLT Sources

David Handermann created NIFI-9399:
--------------------------------------

             Summary: Apply Secure Processing to TransformXml XSLT Sources
                 Key: NIFI-9399
                 URL: https://issues.apache.org/jira/browse/NIFI-9399
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Extensions, Security
            Reporter: David Handermann
            Assignee: David Handermann


The {{TransformXml}} processor supports Secure Processing as of NiFi 1.3.0, which prevents external access attempts using XML entity references. The {{Secure Processing}} property applies to input FlowFiles, but does not apply to the XSLT source that the processor uses during transformation. {{TransformXml}} should be updated to apply Secure Processing to XSLT sources.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)