Indeed, and thanks for the detailed docs.

There are situations where XML external entity resolution is necessary; 
users must consider the vulnerabilities inherent in resolving XML 
external entities in untrusted documents. Disabling external entity 
resolution is a safe default.

Kind regards,

On 16/10/16 11:27, Jody Garnett wrote:
> Fair correction ben, but we do instructions for turning the security
> vulnerability back on :)

Ben Caradoc-Davies <>
Transient Software Limited <>
New Zealand

Check out the vibrant tech community on one of the world's most 
engaging tech sites,!
GeoTools-GT2-Users mailing list

Reply via email to