Uploaded image for project: 'Groovy'
  1. Groovy
  2. GROOVY-10560

Provide additional XmlUtil variants for more options when disabling doctypes

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 4.0.2
    • None

    Description

      The main XML processing methods in Groovy default to using secure XML processing. Some less widely used methods don't have that default. This change will incorporate that security measure. For users not using doctype processing, no change should be observed but processing will be more secure. It is a breaking change for anyone explicitly using doctype processing. Such users should use the new variant of each related method that is now provided which allows such processing to be switched back on. These have the same parameters as the existing method but an additional boolean.

      Affected methods:

      XmlUtil#serialize(Element)
      XmlUtil#serialize(Element, OutputStream)
      XmlUtil#serialize(Element, Writer)
      XmlUtil#serialize(String)
      XmlUtil#serialize(String, OutputStream)
      XmlUtil#serialize(String, Writer)
      
      XmlUtil#newSAXParser(String, boolean, boolean, Source...)
      XmlUtil#newSAXParser(String, Source...)
      XmlUtil#newSAXParser(String, boolean, boolean, File)
      XmlUtil#newSAXParser(String, File)
      XmlUtil#newSAXParser(String, boolean, boolean, URL)
      XmlUtil#newSAXParser(String, URL)
      

      Attachments

        Activity

          People

            paulk Paul King
            paulk Paul King
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 50m
                50m