Skip to content

Commit

Permalink
Fix XML schema vulnerability
Browse files Browse the repository at this point in the history
  • Loading branch information
@Haxatron @AngledLuffa
Haxatron authored and AngledLuffa committed Jan 16, 2022
1 parent 820192c commit 1940ffb
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/edu/stanford/nlp/util/XMLUtils.java
View file
Expand Up @@ -302,6 +302,7 @@ public static DocumentBuilder getValidatingXmlParser(File schemaFile) {
DocumentBuilderFactory dbf = safeDocumentBuilderFactory();

SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
Schema schema = factory.newSchema(schemaFile);
dbf.setSchema(schema);

Expand Down

0 comments on commit 1940ffb

Please sign in to comment.