Indeed, and thanks for the detailed docs. There are situations where XML external entity resolution is necessary; users must consider the vulnerabilities inherent in resolving XML external entities in untrusted documents. Disabling external entity resolution is a safe default.
Kind regards, Ben. On 16/10/16 11:27, Jody Garnett wrote: > Fair correction ben, but we do instructions for turning the security > vulnerability back on :) -- Ben Caradoc-Davies <b...@transient.nz> Director Transient Software Limited <http://transient.nz/> New Zealand ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ GeoTools-GT2-Users mailing list GeoTools-GT2-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geotools-gt2-users
