This is an automated email from the ASF dual-hosted git repository.
tilman pushed a commit to branch branch_2x
in repository https://gitbox.apache.org/repos/asf/tika.git
The following commit(s) were added to refs/heads/branch_2x by this push:
new 8a63590c4 Improve configuration of xmlinputfactory (#2294)
8a63590c4 is described below
commit 8a63590c435337fe60da5fabc664914cc8ed72af
Author: Tim Allison <[email protected]>
AuthorDate: Mon Aug 4 11:59:26 2025 -0400
Improve configuration of xmlinputfactory (#2294)
---
tika-core/src/main/java/org/apache/tika/utils/XMLReaderUtils.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tika-core/src/main/java/org/apache/tika/utils/XMLReaderUtils.java
b/tika-core/src/main/java/org/apache/tika/utils/XMLReaderUtils.java
index 7a1b92924..f00d513f1 100644
--- a/tika-core/src/main/java/org/apache/tika/utils/XMLReaderUtils.java
+++ b/tika-core/src/main/java/org/apache/tika/utils/XMLReaderUtils.java
@@ -295,6 +295,8 @@ public class XMLReaderUtils implements Serializable {
tryToSetStaxProperty(factory, XMLInputFactory.IS_NAMESPACE_AWARE,
true);
tryToSetStaxProperty(factory, XMLInputFactory.IS_VALIDATING, false);
+ tryToSetStaxProperty(factory, XMLInputFactory.SUPPORT_DTD, false);
+ tryToSetStaxProperty(factory,
XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
factory.setXMLResolver(IGNORING_STAX_ENTITY_RESOLVER);
trySetStaxSecurityManager(factory);
