spring-framework

mirror of https://github.com/spring-projects/spring-framework.git synced 2024-10-23 07:05:25 +08:00

History

Brian Clozel f204f4962d Document XML parser usage against security false positives Prior to this commit, our XML parser usage would be already haredened against XXE (XML External Entities) attacks. Still, we recently received several invalid security reports claiming that our setup should be hardened. This commit documents a few usages of XML parsers to add some more context and hopefully prevent future invalid reports. Closes gh-33713	2024-10-15 18:59:02 +02:00
..
src	Document XML parser usage against security false positives	2024-10-15 18:59:02 +02:00
spring-oxm.gradle	Fix XJC configuration to re-enable Eclipse IDE support	2024-07-26 16:39:40 +03:00

Brian Clozel f204f4962d Document XML parser usage against security false positives

Prior to this commit, our XML parser usage would be already haredened
against XXE (XML External Entities) attacks. Still, we recently received
several invalid security reports claiming that our setup should be
hardened.

This commit documents a few usages of XML parsers to add some more
context and hopefully prevent future invalid reports.

Closes gh-33713

2024-10-15 18:59:02 +02:00

src

Document XML parser usage against security false positives

2024-10-15 18:59:02 +02:00

spring-oxm.gradle

Fix XJC configuration to re-enable Eclipse IDE support

2024-07-26 16:39:40 +03:00