David Handermann created NIFI-9399:
--------------------------------------
Summary: Apply Secure Processing to TransformXml XSLT Sources
Key: NIFI-9399
URL: https://issues.apache.org/jira/browse/NIFI-9399
Project: Apache NiFi
Issue Type: Improvement
Components: Extensions, Security
Reporter: David Handermann
Assignee: David Handermann
The {{TransformXml}} processor supports Secure Processing as of NiFi 1.3.0,
which prevents external access attempts using XML entity references. The
{{Secure Processing}} property applies to input FlowFiles, but does not apply
to the XSLT source that the processor uses during transformation.
{{TransformXml}} should be updated to apply Secure Processing to XSLT sources.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
