Disallow DocTypes in XML files

commit: 6f7d6565cf576fb19b67134244a34c61624c37d2 [log] [tgz]
author: Colm O hEigeartaigh <coheigea@apache.org> Wed Jun 03 11:22:34 2020 +0100
committer: Colm O hEigeartaigh <coheigea@apache.org> Wed Jun 03 11:22:34 2020 +0100
tree: 1558a70cccc34e2601f145fd1d21e5ccc8a5a010
parent: 0037980aa3c71518140063c23020d1f0a0355140 [diff]
diff --git a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
index 75b4bf2..5398e2b 100644
--- a/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java
+++ b/xml2fastinfoset-plugin/src/main/java/org/apache/cxf/maven_plugin/xml2fastinfoset/XML2FastInfosetCompilerMojo.java

@@ -211,6 +211,7 @@
         // Instantiate JAXP SAX parser factory
         SAXParserFactory saxParserFactory = SAXParserFactory.newInstance();
         saxParserFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE);
+        saxParserFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
         /*
          * Set parser to be namespace aware Very important to do otherwise
          * invalid FI documents will be created by the SAXDocumentSerializer
commit	6f7d6565cf576fb19b67134244a34c61624c37d2	[log] [tgz]
author	Colm O hEigeartaigh <coheigea@apache.org>	Wed Jun 03 11:22:34 2020 +0100
committer	Colm O hEigeartaigh <coheigea@apache.org>	Wed Jun 03 11:22:34 2020 +0100
tree	1558a70cccc34e2601f145fd1d21e5ccc8a5a010
parent	0037980aa3c71518140063c23020d1f0a0355140 [diff]