ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4435/java/rule.adoc
Arseniy Zaostrovnykh 716b335a56 Enable forced linebreaks in quotes; escape -- in url
2021-02-02 16:54:43 +01:00

38 lines
802 B
Plaintext
Raw Blame History

include::../description.adoc[]
== Noncompliant Code Example
----
Transformer transformer = TransformerFactory.newInstance().newTransformer();
transformer.transform(input, result);
----
== Compliant Solution
Recommended:
----
TransformerFactory factory = TransformerFactory.newInstance();
factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
Transformer transformer = factory.newTransformer();
transformer.transform(input, result);
----
Implementation dependent:
----
TransformerFactory factory = TransformerFactory.newInstance();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
Transformer transformer = factory.newTransformer();
transformer.transform(input, result);
----
include::../see.adoc[]
Reference in New Issue View Git Blame Copy Permalink