Build #179

Plan branch:

Build: #179 was successful Changes by Florian Schmaus <flo@geekplace.eu>

Build result summary

Details

Completed
Queue duration
< 1 second
Duration
10 minutes
Labels
None
Agent
Default Agent
Revision
28dd56a13acd8c04f806b640ba2eb294c511bd82
Total tests
794
Successful since
#174 ()

Tests

Code commits

Author Commit Message Commit date
Florian Schmaus <flo@geekplace.eu> Florian Schmaus <flo@geekplace.eu> 28dd56a13acd8c04f806b640ba2eb294c511bd82 Merge pull request #438 from Flowdalic/stax-disable-xxe-and-dtd
[xmlparser-stax] Disable external entities and DTD
Florian Schmaus <flo@geekplace.eu> Florian Schmaus <flo@geekplace.eu> c1b412c4579f4c9b1a12a49bc0d07d1d8ad7adea [xmlparser-stax] Disable external entities and DTD
Before that, the StAX parser used by Smack for XML parsing had
only external entity replacement disabled. We further harden the
parser by disabling DTDs.

See also:
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html#xmlinputfactory-a-stax-parser