Details
-
Improvement
-
Status: Open
-
Low
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
Can XML injection protection settings be added to XmlParserStream.java? For example:
final TransformerFactory tf = TransformerFactory.newInstance();
tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);