File tree 2 files changed +5
-0
lines changed
local-s3-rest/src/main/java/com/robothy/s3/rest
2 files changed +5
-0
lines changed Original file line number Diff line number Diff line change @@ -122,6 +122,9 @@ private ServiceFactory createServiceFactory() {
122122
123123 XMLInputFactory input = new WstxInputFactory ();
124124 input .setProperty (XMLInputFactory .IS_NAMESPACE_AWARE , Boolean .FALSE );
125+ input .setProperty (XMLInputFactory .SUPPORT_DTD , Boolean .FALSE ); // Disable DTDs
126+ input .setProperty (XMLInputFactory .IS_SUPPORTING_EXTERNAL_ENTITIES , Boolean .FALSE ); // Disable external entities
127+
125128 XmlMapper xmlMapper = new XmlMapper (new XmlFactory (input , new WstxOutputFactory ()));
126129 xmlMapper .configure (DeserializationFeature .FAIL_ON_UNKNOWN_PROPERTIES , false );
127130 xmlMapper .registerModule (new Jdk8Module ());
Original file line number Diff line number Diff line change @@ -17,6 +17,8 @@ public class XmlUtils {
1717 static {
1818 XMLInputFactory input = new WstxInputFactory ();
1919 input .setProperty (XMLInputFactory .IS_NAMESPACE_AWARE , Boolean .FALSE );
20+ input .setProperty (XMLInputFactory .SUPPORT_DTD , Boolean .FALSE );
21+ input .setProperty (XMLInputFactory .IS_SUPPORTING_EXTERNAL_ENTITIES , Boolean .FALSE );
2022 xmlMapper = new XmlMapper (new XmlFactory (input , new WstxOutputFactory ()));
2123 xmlMapper .configure (DeserializationFeature .FAIL_ON_UNKNOWN_PROPERTIES , false );
2224 xmlMapper .registerModule (new Jdk8Module ());
You can’t perform that action at this time.
0 commit comments