From 83559ddc77a0217391212f2abcdcba2c3ff56937 Mon Sep 17 00:00:00 2001 From: "Agarwal, Ruchira (ra1926)" Date: Tue, 5 Nov 2019 18:16:50 +0000 Subject: minor updates to clean up code clean up code to sync with internal Issue-ID: CCSDK-1873 Signed-off-by: Agarwal, Ruchira (ra1926) Change-Id: Idcc7186d5aaa783c527de3986e7a1ecd9bfcf651 --- .../java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'mdsal-resource/provider') diff --git a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java index 2991e6be..30859a49 100644 --- a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java +++ b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java @@ -34,6 +34,7 @@ import java.net.URL; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSession; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -180,9 +181,11 @@ public class RestService { LOG.info("Response body :\n"+respString); DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setFeature("http://xml.org/sax/features/external-general-entities", false); + dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false); DocumentBuilder db = dbf.newDocumentBuilder(); - response = db.parse(new ByteArrayInputStream(respString.getBytes())); } catch (Exception e) { -- cgit 1.2.3-korg