diff options
Diffstat (limited to 'mdsal-resource/provider/src/main/java')
-rw-r--r-- | mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java index 2991e6bef..30859a492 100644 --- a/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java +++ b/mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java @@ -34,6 +34,7 @@ import java.net.URL; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSession; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; @@ -180,9 +181,11 @@ public class RestService { LOG.info("Response body :\n"+respString); DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setFeature("http://xml.org/sax/features/external-general-entities", false); + dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false); DocumentBuilder db = dbf.newDocumentBuilder(); - response = db.parse(new ByteArrayInputStream(respString.getBytes())); } catch (Exception e) { |