Details
-
Task
-
Resolution: Fixed
-
Major
-
12.2
-
None
Description
See https://github.com/dom4j/dom4j/releases
Improvements * Added new factory method org.dom4j.io.SAXReader.createDefault(). It hase more secure defaults than new SAXReader(), which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser(). SAXReader.createDefault() disable parsing of external entities in the SAX parser.
Attachments
Issue Links
- blocks
-
-
- Closed
-