Changeset 8287 in josm for trunk/src/org/openstreetmap/josm/io/Capabilities.java

Timestamp:

2015-04-28T01:11:18+02:00 (9 years ago)

Author:

Don-vip

Message:

fix findsecbugs:XXE_SAXPARSER - "Security - XML Parsing Vulnerable to XXE (SAXParser)"

File:

• trunk/src/org/openstreetmap/josm/io/Capabilities.java (modified) (2 diffs)

trunk/src/org/openstreetmap/josm/io/Capabilities.java

@@ -12 +12 @@
 
 import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.parsers.SAXParserFactory;
 
 import org.openstreetmap.josm.Main;
+import org.openstreetmap.josm.tools.Utils;
 import org.xml.sax.Attributes;
 import org.xml.sax.InputSource;
@@ -272 +272 @@
         public static Capabilities parse(InputSource inputSource) throws SAXException, IOException, ParserConfigurationException {
             CapabilitiesParser parser = new CapabilitiesParser();
-            SAXParserFactory.newInstance().newSAXParser().parse(inputSource, parser);
+            Utils.newSafeSAXParser().parse(inputSource, parser);
             return parser.getCapabilities();
         }