Uploaded image for project: 'Xerces2-J'
  1. Xerces2-J
  2. XERCESJ-1455

New system property to limit entity expansion

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Trivial
    • Resolution: Won't Fix
    • 2.7.1, 2.8.0, 2.8.1, 2.9.0, 2.9.1, 2.10.0
    • None
    • JAXP (javax.xml.parsers)
    • None
    • all

    Description

      when setting org.apache.xerces.util.SecurityManager, default entityExpansionLimit is 100,000. this is still too high in many cases. although security Manager does have a setter for entityExpansionLimit, it will be more user friendly to have a new system property to limit entity expansion, such as the one in Sun's JAXP implementation: http://java.sun.com/j2se/1.5.0/docs/guide/xml/jaxp/JAXP-Compatibility_150.html#JAXP_security

      Attachments

        Activity

          People

            Unassigned Unassigned
            uchen yuechen
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 2h
                2h
                Remaining:
                Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - Not Specified
                Not Specified