Changeset 16560 in josm for trunk/src


Ignore:
Timestamp:
2020-06-07T17:19:38+02:00 (4 years ago)
Author:
simon04
Message:

fix #19286 - External entities are resolved when parsing tagging presets (patch by hiddewie, modified)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/tools/XmlUtils.java

    r16436 r16560  
    3535 */
    3636public final class XmlUtils {
     37
     38    private static final String FEATURE_DISALLOW_DOCTYPE_DECL = "http://apache.org/xml/features/disallow-doctype-decl";
    3739
    3840    private XmlUtils() {
     
    101103        SAXParserFactory parserFactory = SAXParserFactory.newInstance();
    102104        parserFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
     105        parserFactory.setFeature(FEATURE_DISALLOW_DOCTYPE_DECL, true);
    103106        parserFactory.setNamespaceAware(true);
    104107        return parserFactory.newSAXParser();
Note: See TracChangeset for help on using the changeset viewer.