commit | 3e180752a42936cdc5fe11b6003e7e4b13436e13 | [log] [tgz] |
---|---|---|
author | Colm O hEigeartaigh <coheigea@apache.org> | Fri Dec 14 16:16:15 2018 +0000 |
committer | Colm O hEigeartaigh <coheigea@apache.org> | Fri Dec 14 16:16:15 2018 +0000 |
tree | b1f93762af52e01d4b813ff18fe637cf90ed1745 | |
parent | 2472ced4e45f221c269f0f2702d8ee1b4cac4611 [diff] |
Adding secure processing to the SAXParserFactory
diff --git a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java index 4d36b70..75b4bf2 100644 --- a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java +++ b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
@@ -210,6 +210,7 @@ // Instantiate JAXP SAX parser factory SAXParserFactory saxParserFactory = SAXParserFactory.newInstance(); + saxParserFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); /* * Set parser to be namespace aware Very important to do otherwise * invalid FI documents will be created by the SAXDocumentSerializer