Mercury-IM/Smack
Mercury-IM/Smack
1
0
Fork 0
mirror of https://codeberg.org/Mercury-IM/Smack synced 2025-12-05 04:31:07 +01:00
Code Issues Releases Wiki Activity
Smack/smack-xmlparser-stax/src
History
Florian Schmaus c1b412c457 [xmlparser-stax] Disable external entities and DTD 
Before that, the StAX parser used by Smack for XML parsing had
only external entity replacement disabled. We further harden the
parser by disabling DTDs.

See also:
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser
2020-10-05 08:55:10 +02:00
..
main [xmlparser-stax] Disable external entities and DTD 2020-10-05 08:55:10 +02:00
test/java/org/jivesoftware/smack/xml/stax Replace XPP3 by XmlPullParser interface wrapping StAX and XPP3 2019-05-06 22:10:50 +02:00