36 lines
800 B
Plaintext
36 lines
800 B
Plaintext
|
include::../description.adoc[]
|
||
|
|
|
||
|
|
== Noncompliant Code Example
|
||
|
|
|
||
|
|
----
|
||
|
|
Transformer transformer = TransformerFactory.newInstance().newTransformer();
|
||
|
|
transformer.transform(input, result);
|
||
|
|
----
|
||
|
|
|
||
|
|
== Compliant Solution
|
||
|
|
|
||
|
|
Recommended:
|
||
|
|
|
||
|
|
----
|
||
|
|
TransformerFactory factory = TransformerFactory.newInstance();
|
||
|
|
factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
|
||
|
|
factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
|
||
|
|
|
||
|
|
Transformer transformer = factory.newTransformer();
|
||
|
|
|
||
|
|
transformer.transform(input, result);
|
||
|
|
----
|
||
|
|
|
||
|
|
Implementation dependent:
|
||
|
|
|
||
|
|
----
|
||
|
|
TransformerFactory factory = TransformerFactory.newInstance();
|
||
|
|
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
|
||
|
|
|
||
|
|
Transformer transformer = factory.newTransformer();
|
||
|
|
|
||
|
|
transformer.transform(input, result);
|
||
|
|
----
|
||
|
|
|
||
|
|
include::../see.adoc[]
|