[ https://issues.apache.org/jira/browse/NIFI-4125?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16068749#comment-16068749 ]

ASF subversion and git services commented on NIFI-4125:
-------------------------------------------------------

Commit 3bf1d127062a2d52d7be32e5ef29e19242219f48 in nifi's branch 
refs/heads/master from [~yuri1969]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=3bf1d12 ]

NIFI-4125 Added secure transform feature and configuration to TransformXML 
processor to mitigate XXE file system leaks.

This closes #1946.

Signed-off-by: Andy LoPresto <[email protected]>


> Add basic security settings to TransformXml
> -------------------------------------------
>
>                 Key: NIFI-4125
>                 URL: https://issues.apache.org/jira/browse/NIFI-4125
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.3.0
>            Reporter: Yuri
>            Priority: Minor
>              Labels: newbie, security, xslt
>
> Since data flows can generally deal with non-trusted data, the processors 
> should handle it in a secure manner.
> In case of XML there are various known vulnerabilities - 
> [OWASP|https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing].
>  Some can be mitigated via XML parser/XSLT Processor features.
> The TransformXml processor should have a setting enabling these secure 
> settings.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
