aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java
diff options
context:
space:
mode:
Diffstat (limited to 'org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java')
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java17
1 files changed, 14 insertions, 3 deletions
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java
index d482521747..9d9f5495fe 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/AmazonS3.java
@@ -596,7 +596,7 @@ public class AmazonS3 {
final String key, final Map<String, String> args)
throws IOException {
final StringBuilder urlstr = new StringBuilder();
- urlstr.append(protocol); //$NON-NLS-1$
+ urlstr.append(protocol);
urlstr.append("://"); //$NON-NLS-1$
urlstr.append(bucket);
urlstr.append('.');
@@ -757,8 +757,19 @@ public class AmazonS3 {
final XMLReader xr;
try {
- xr = SAXParserFactory.newInstance().newSAXParser()
- .getXMLReader();
+ SAXParserFactory saxParserFactory = SAXParserFactory
+ .newInstance();
+ saxParserFactory.setNamespaceAware(true);
+ saxParserFactory.setFeature(
+ "http://xml.org/sax/features/external-general-entities", //$NON-NLS-1$
+ false);
+ saxParserFactory.setFeature(
+ "http://xml.org/sax/features/external-parameter-entities", //$NON-NLS-1$
+ false);
+ saxParserFactory.setFeature(
+ "http://apache.org/xml/features/disallow-doctype-decl", //$NON-NLS-1$
+ true);
+ xr = saxParserFactory.newSAXParser().getXMLReader();
} catch (SAXException | ParserConfigurationException e) {
throw new IOException(
JGitText.get().noXMLParserAvailable, e);
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-15 18:28:40 +0000