Indeed, and thanks for the detailed docs.

There are situations where XML external entity resolution is necessary; 
users must consider the vulnerabilities inherent in resolving XML 
external entities in untrusted documents. Disabling external entity 
resolution is a safe default.

Kind regards,
Ben.

On 16/10/16 11:27, Jody Garnett wrote:
> Fair correction ben, but we do instructions for turning the security
> vulnerability back on :)

-- 
Ben Caradoc-Davies <b...@transient.nz>
Director
Transient Software Limited <http://transient.nz/>
New Zealand

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
GeoTools-GT2-Users mailing list
GeoTools-GT2-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geotools-gt2-users

Reply via email to