This is an automated email from the ASF dual-hosted git repository.
sseifert pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-launchpad-test-services.git
The following commit(s) were added to refs/heads/master by this push:
new 8d4a8bf Fix SaxParser security warning (#15)
8d4a8bf is described below
commit 8d4a8bff67e8437474c8bfa98c9aeda13195a77c
Author: Stefan Seifert <[email protected]>
AuthorDate: Tue Nov 25 09:30:32 2025 +0100
Fix SaxParser security warning (#15)
---
.../org/apache/sling/launchpad/testservices/servlets/SaxServlet.java | 2 ++
1 file changed, 2 insertions(+)
diff --git
a/src/main/java/org/apache/sling/launchpad/testservices/servlets/SaxServlet.java
b/src/main/java/org/apache/sling/launchpad/testservices/servlets/SaxServlet.java
index ac64d84..14f6d1d 100644
---
a/src/main/java/org/apache/sling/launchpad/testservices/servlets/SaxServlet.java
+++
b/src/main/java/org/apache/sling/launchpad/testservices/servlets/SaxServlet.java
@@ -20,6 +20,7 @@ package org.apache.sling.launchpad.testservices.servlets;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
+import javax.xml.XMLConstants;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
@@ -55,6 +56,7 @@ public class SaxServlet extends SlingAllMethodsServlet {
try {
SAXParserFactory factory = SAXParserFactory.newInstance();
+ factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
SAXParser parser = factory.newSAXParser();
SimpleHandler handler = new SimpleHandler();
