mirrors
/
fop
mirror of https://github.com/apache/fop.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 48 Wiki Activity
Browse Source

FOP-3168: Add secure processing for XSL input

pull/80/head
Simon Steiner 1 month ago
parent
cb26fed42b
commit
d96ba9a117
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2
    0
      fop-core/src/main/java/org/apache/fop/cli/InputHandler.java

+ 2
- 0
fop-core/src/main/java/org/apache/fop/cli/InputHandler.java View File

@@ -26,6 +26,7 @@ import java.io.OutputStream;
import java.lang.reflect.InvocationTargetException;
import java.util.Vector;

import javax.xml.XMLConstants;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParserFactory;
import javax.xml.transform.ErrorListener;
@@ -265,6 +266,7 @@ public class InputHandler implements ErrorListener, Renderable {
try {
// Setup XSLT
TransformerFactory factory = TransformerFactory.newInstance();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
Transformer transformer;

Source xsltSource = createXSLTSource();

Write Preview
Loading…
Cancel
Save