Hi Scott, On Tue, Jul 16, 2019 at 5:19 PM Cantor, Scott <[email protected]> wrote:
> > Regarding the changes, is a decent summary of the places where there would > be any use of the DocumentBuilder and any XML parsing by the library itself: > > - decrypting XML > - particular Transform sequences that go from octet stream to DOM > mid-transform > ? > Yes and in canonicalization. > > My project is particular sensitive to the security considerations of ever > allowing any other library to do XML parsing for obvious reasons. I wonder > if there's a way we could inject our own via some kind of interface in a > future version? Or would a patch for that be welcome? > Yes I was thinking along those lines for 2.3.0. Patches definitely welcome! Colm. > > -- Scott > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
