Hello.
There's been a lot going around lately about XML External Entity
definitions and how they (and related constructs) can be exploited in
nefarious ways.
Does xmlbeans set safe defaults for 'features' on xml processors? If
not, are the base objects accessible to developers (users of xmlbeans)
so that processing 'features' can be set?
Thanks
--
Jon Gorrono
PGP Key: 0x5434509D -
http{pgp.mit.edu:11371/pks/lookup?search=0x5434509D&op=index}
http{middleware.ucdavis.edu}
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@xmlbeans.apache.org
For additional commands, e-mail: user-h...@xmlbeans.apache.org
