aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwr148d <wr148d@att.com>2021-07-20 12:30:30 -0400
committerwr148d <wr148d@att.com>2021-07-20 12:30:30 -0400
commit35e3de3f0d5b2b02fc6ef92ec577fe6b7cd05e3c (patch)
tree9beedffe3c1f9725e5dd75f5a56a740333768afb
parente04245a22340f4b4e55182350dd4640547f98265 (diff)
fix CRITICAL xxe (XML External Entity) issues identified in sonarcloud
Issue-ID: AAI-3346 Signed-off-by: wr148d <wr148d@att.com> Change-Id: I76532cc11f348f9c267f5cd87e061b139ce4e7e0
-rw-r--r--src/main/java/org/onap/aai/modelloader/entity/model/ModelArtifact.java1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/main/java/org/onap/aai/modelloader/entity/model/ModelArtifact.java b/src/main/java/org/onap/aai/modelloader/entity/model/ModelArtifact.java
index 7c9b4c2..73709f6 100644
--- a/src/main/java/org/onap/aai/modelloader/entity/model/ModelArtifact.java
+++ b/src/main/java/org/onap/aai/modelloader/entity/model/ModelArtifact.java
@@ -287,6 +287,7 @@ public class ModelArtifact extends AbstractModelArtifact {
StringWriter sw = new StringWriter();
TransformerFactory transFact = TransformerFactory.newInstance();
transFact.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
+ transFact.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
Transformer t = transFact.newTransformer();
t.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
t.transform(new DOMSource(node), new StreamResult(sw));