Re: [PR] Set features to DocumentBuilderFactory to protect from XXE; fix for SAST [camel-spring-boot]
davsclaus merged PR #989: URL: https://github.com/apache/camel-spring-boot/pull/989 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Set features to DocumentBuilderFactory to protect from XXE; fix for SAST [camel-spring-boot]
davsclaus commented on code in PR #989:
URL: https://github.com/apache/camel-spring-boot/pull/989#discussion_r1372246340
##
tests/camel-itest-spring-boot/src/test/java/org/apache/camel/itest/springboot/util/DependencyResolver.java:
##
@@ -151,6 +151,9 @@ private static String getParentVersion(File pom) throws
Exception {
}
private static String xpath(File pom, String expression) throws Exception {
+
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl",true);
Review Comment:
space after comma is the code style we use
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[PR] Set features to DocumentBuilderFactory to protect from XXE; fix for SAST [camel-spring-boot]
cunningt opened a new pull request, #989: URL: https://github.com/apache/camel-spring-boot/pull/989 Set features to DocumentBuilderFactory to protect from XXE; fix for SAST -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
