Hi, I saw in the documentation that if I want to use external general entities, I need to have a single root which is quite conforming to the xml spec. I try this with no problems.
After that, I just put an XML comment in my document and then xxe cry, saying that this document is not managed by xxe. Is that a bug or something else I did not understood ? For information, here are the files : test.xml : <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE article PUBLIC "-//OASIS//DTD Simplified DocBook XML V1.0//EN" "http://www.oasis-open.org/docbook/xml/simple/1.0/sdocbook.dtd"; [ <!ENTITY test SYSTEM "testInclude.xml"> ]> <article ><title >un article</title >&test;</article > testInclude.xml : <?xml version="1.0" encoding="UTF-8"?> <!-- test --><section ><title >Un titre</title ><para >un para</para ></section> Note that if I change the comment to a PI, I have the same problem. Why do I need this feature ? Just because in open environments, many XML editors are adding at front of the document their own processing information, either as comments or as PI. Regards, Pierre
