mirror of
https://codeberg.org/Mercury-IM/Smack
synced 2024-11-26 00:02:06 +01:00
c1b412c457
Before that, the StAX parser used by Smack for XML parsing had only external entity replacement disabled. We further harden the parser by disabling DTDs. See also: https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser |
||
---|---|---|
.. | ||
main | ||
test/java/org/jivesoftware/smack/xml/stax |