mbeckerle commented on a change in pull request #560:
URL: https://github.com/apache/daffodil/pull/560#discussion_r638054046
##########
File path:
daffodil-runtime1/src/main/scala/org/apache/daffodil/processors/DataProcessor.scala
##########
@@ -347,7 +346,11 @@ class DataProcessor private (
override def getDiagnostics = ssrd.diagnostics
- override def newXMLReaderInstance: DFDL.DaffodilParseXMLReader = new
DaffodilParseXMLReader(this)
+ override def newXMLReaderInstance: DFDL.DaffodilParseXMLReader = {
+ val xrdr = new DaffodilParseXMLReader(this)
+ XMLUtils.setSecureDefaults(xrdr)
Review comment:
Good point. I think we need scaladoc to point out that this is by
definition secure if we remove the ability to set the secure features,
otherwise someone's going to try it, and end up not liking that they can't set
it secure.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
