David Handermann created NIFI-9399: -------------------------------------- Summary: Apply Secure Processing to TransformXml XSLT Sources Key: NIFI-9399 URL: https://issues.apache.org/jira/browse/NIFI-9399 Project: Apache NiFi Issue Type: Improvement Components: Extensions, Security Reporter: David Handermann Assignee: David Handermann
The {{TransformXml}} processor supports Secure Processing as of NiFi 1.3.0, which prevents external access attempts using XML entity references. The {{Secure Processing}} property applies to input FlowFiles, but does not apply to the XSLT source that the processor uses during transformation. {{TransformXml}} should be updated to apply Secure Processing to XSLT sources. -- This message was sent by Atlassian Jira (v8.20.1#820001)