== How to fix it in Dom4j

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,java,diff-id=1,diff-type=noncompliant]
----
import org.dom4j.io.SAXReader;

public void decode() {
    SAXReader xmlReader = new SAXReader(); // Noncompliant
}
----

==== Compliant solution

[source,java,diff-id=1,diff-type=compliant]
----
import org.dom4j.io.SAXReader;

public void decode() {
    SAXReader xmlReader = new SAXReader();
    xmlReader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
}
----

=== How does this work?

include::../../common/fix/xxe.adoc[]