[
https://issues.apache.org/jira/browse/XERCESJ-1644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14107075#comment-14107075
]
Arun Babu Neelicattu commented on XERCESJ-1644:
-----------------------------------------------
Ah, thanks Michael! I just noticed support for
_jdk.xml.resolveExternalEntities_ was added to SecureProcessingConfiguration,
sorry about the overhead. Will leave the default debate to the mailing list.
> RFE: Allow global enabling/disabling of features with secure defaults
> ---------------------------------------------------------------------
>
> Key: XERCESJ-1644
> URL: https://issues.apache.org/jira/browse/XERCESJ-1644
> Project: Xerces2-J
> Issue Type: Improvement
> Components: JAXP (javax.xml.parsers)
> Affects Versions: 2.11.0
> Reporter: Arun Babu Neelicattu
> Attachments: XERCESJ-1644.patch
>
>
> It would be useful to be able enable and disable features using a global
> configuration, either by using system properties or a property file or both.
> Possible usage via system properties:
> {noformat}
> -Dorg.apache.xerces.jaxp.features.enable=http://apache.org/xml/features/disallow-doctype-decl
> -Dorg.apache.xerces.jaxp.features.disable=http://xml.org/sax/features/external-general-entities,http://xml.org/sax/features/external-parameter-entities
> {noformat}
> Is this something that can be added?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
