Projects
openEuler:24.03:SP1:Everything
dom4j
_service:tar_scm:backport-Disable-downloading-e...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-Disable-downloading-external-resources-with-1.patch of Package dom4j
From c8d112e458799721d0c78959bc591b90e2f8d199 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Jirs=C3=A1k?= <filip@jirsak.org> Date: Sun, 1 Jul 2018 12:45:33 +0200 Subject: [PATCH] #28 Disable downloading external resources with DocumentHelper.parseText() helper. (cherry picked from commit 8f6a7f6001d679176c1079ac65871d4e493360db) --- src/main/java/org/dom4j/DocumentHelper.java | 3 +++ diff --git a/src/main/java/org/dom4j/DocumentHelper.java b/src/main/java/org/dom4j/DocumentHelper.java index 26569e2d..a3a69dca 100644 --- a/src/main/java/org/dom4j/DocumentHelper.java +++ b/src/main/java/org/dom4j/DocumentHelper.java @@ -18,6 +18,7 @@ import org.jaxen.VariableContext; import org.xml.sax.InputSource; +import org.xml.sax.SAXException; /** * <code>DocumentHelper</code> is a collection of helper methods for using @@ -256,6 +257,8 @@ public static void sort(List<Node> list, String expression, boolean distinct) { * <code>parseText</code> parses the given text as an XML document and * returns the newly created Document. * </p> + * + * Loading external DTD and entities is disabled (if it is possible) for security reasons. * * @param text * the XML text to be parsed
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2