Skip to content

Commit

Permalink
fix (core): Address real security vulnerability, TX DeepSource JAVA-A…
Browse files Browse the repository at this point in the history 
…1052
  • Loading branch information
@vorburger
vorburger committed Jan 4, 2025
1 parent 0dcbbdf commit 860bbdd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion java/dev/enola/common/xml/XML.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ private static String normalizeXML(InputStream inputStream, boolean format)
// TODO Use streaming SAX instead of DOM; and break this up... use XmlResourceParser

DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setAttribute(XMLConstants.FEATURE_SECURE_PROCESSING, true); // #security
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); // #security
DocumentBuilder builder = factory.newDocumentBuilder();

Document document = builder.parse(new InputSource(inputStream));
Expand Down

0 comments on commit 860bbdd

Please sign in to comment.