raboof opened a new pull request, #1: URL: https://github.com/apache/xalan-site/pull/1
It seems people occasionally don't realize they should expect to take some precautions before using Xalan on untrusted input. It might be good to make an explicit note about that on the website, something like the attached patch? Of course it would be even better if we could provide (or link to) in-depth instructions, but until we have something like that I think just highlighting the fact that this needs people's attention would be an improvement. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@xalan.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@xalan.apache.org For additional commands, e-mail: dev-h...@xalan.apache.org
