Adding secure processing to the SAXParserFactory

commit: 3e180752a42936cdc5fe11b6003e7e4b13436e13 [log] [tgz]
author: Colm O hEigeartaigh <coheigea@apache.org> Fri Dec 14 16:16:15 2018 +0000
committer: Colm O hEigeartaigh <coheigea@apache.org> Fri Dec 14 16:16:15 2018 +0000
tree: b1f93762af52e01d4b813ff18fe637cf90ed1745
parent: 2472ced4e45f221c269f0f2702d8ee1b4cac4611 [diff]
diff --git a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
index 4d36b70..75b4bf2 100644
--- a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
+++ b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java

@@ -210,6 +210,7 @@
 
         // Instantiate JAXP SAX parser factory
         SAXParserFactory saxParserFactory = SAXParserFactory.newInstance();
+        saxParserFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
         /*
          * Set parser to be namespace aware Very important to do otherwise
          * invalid FI documents will be created by the SAXDocumentSerializer
commit	3e180752a42936cdc5fe11b6003e7e4b13436e13	[log] [tgz]
author	Colm O hEigeartaigh <coheigea@apache.org>	Fri Dec 14 16:16:15 2018 +0000
committer	Colm O hEigeartaigh <coheigea@apache.org>	Fri Dec 14 16:16:15 2018 +0000
tree	b1f93762af52e01d4b813ff18fe637cf90ed1745
parent	2472ced4e45f221c269f0f2702d8ee1b4cac4611 [diff]