Author: fanningpj Date: Tue Oct 24 21:51:04 2023 New Revision: 1913303 URL: http://svn.apache.org/viewvc?rev=1913303&view=rev Log: security docs
Modified: poi/site/src/documentation/content/xdocs/security.xml Modified: poi/site/src/documentation/content/xdocs/security.xml URL: http://svn.apache.org/viewvc/poi/site/src/documentation/content/xdocs/security.xml?rev=1913303&r1=1913302&r2=1913303&view=diff ============================================================================== --- poi/site/src/documentation/content/xdocs/security.xml (original) +++ poi/site/src/documentation/content/xdocs/security.xml Tue Oct 24 21:51:04 2023 @@ -79,6 +79,13 @@ If this is a concern, make sure to have a way to stop processing after some time, maybe by the sandboxing approach described below. </li> + <li><strong>Memory use can be very high</strong><br/> + The data in Microsoft format files is usually compressed so even small files can have a lot of data. + <br/> + The core POI APIs are not optimized to avoid excessive memory use. POI has streaming APIs for reading + and writing xlsx files - so if you are working with large xlsx files, you should consider using the + streaming APIs. + </li> <li><strong>Consider sandboxing document-parsing</strong><br/> If you operate in a highly sensitive enviornment and would like to avoid any side effect from parsing documents on your application, then consider extracting the parsing logic into a separate --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@poi.apache.org For additional commands, e-mail: commits-h...@poi.apache.org