Skip to content

Instantly share code, notes, and snippets.

@asudhak
asudhak / SecureXMLParser.java
Created Mar 10, 2015
Secure SAXParserFactory that prevents XXE
View SecureXMLParser.java
import javax.xml.parsers.ParserConfigurationException; // catching unsupported features
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.SAXNotRecognizedException; // catching unknown features
import org.xml.sax.SAXNotSupportedException; // catching known but unsupported features
import org.xml.sax.XMLReader;
...