[jira] [Resolved] (NIFI-4125) Add basic security settings to TransformXml

Andy LoPresto (JIRA) Thu, 29 Jun 2017 11:34:19 -0700

     [ 
https://issues.apache.org/jira/browse/NIFI-4125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andy LoPresto resolved NIFI-4125.
---------------------------------
    Resolution: Fixed

> Add basic security settings to TransformXml
> -------------------------------------------
>
>                 Key: NIFI-4125
>                 URL: https://issues.apache.org/jira/browse/NIFI-4125
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.3.0
>            Reporter: Yuri
>            Priority: Minor
>              Labels: newbie, security, xslt
>
> Since data flows can generally deal with non-trusted data, the processors 
> should handle it in a secure manner.
> In case of XML there are various known vulnerabilities - 
> [OWASP|https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing].
>  Some can be mitigated via XML parser/XSLT Processor features.
> The TransformXml processor should have a setting enabling these secure 
> settings.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (NIFI-4125) Add basic security settings to TransformXml

Reply via email to