-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow SAXParserFactory
or SAXParser
to be configured in Jetty's XmlParser
class - GHSA-58qw-p7qm-5rvh
#10066
Comments
joakime
added a commit
that referenced
this issue
Jul 5, 2023
… XmlParser Signed-off-by: Joakim Erdfelt <[email protected]>
joakime
added a commit
that referenced
this issue
Jul 5, 2023
Signed-off-by: Joakim Erdfelt <[email protected]>
joakime
added a commit
that referenced
this issue
Jul 5, 2023
Signed-off-by: Joakim Erdfelt <[email protected]>
joakime
added a commit
that referenced
this issue
Jul 5, 2023
Signed-off-by: Joakim Erdfelt <[email protected]>
joakime
added a commit
that referenced
this issue
Jul 5, 2023
Signed-off-by: Joakim Erdfelt <[email protected]>
joakime
added a commit
that referenced
this issue
Jul 6, 2023
…er` in `XmlParser` (#10067) * Allow customization of SAXParserFactory / SAXParser in XmlParser * Introduce method `.getSAXParser()` --------- Signed-off-by: Joakim Erdfelt <[email protected]> Co-authored-by: Greg Wilkins <[email protected]>
joakime
added a commit
that referenced
this issue
Aug 11, 2023
…er` in `XmlParser` (#10067) * Allow customization of SAXParserFactory / SAXParser in XmlParser * Introduce method `.getSAXParser()` --------- Signed-off-by: Joakim Erdfelt <[email protected]> Co-authored-by: Greg Wilkins <[email protected]>
joakime
added a commit
that referenced
this issue
Aug 14, 2023
…er` in `XmlParser` (#10299) Backports of * Issue #10066 - Allow customization of `SAXParserFactory` and `SAXParser` in `XmlParser` (#10067) * Updating various old/moved URL references found across project (`jetty-10.0.x`) (#10098) Consisting of * Allow customization of SAXParserFactory / SAXParser in XmlParser * Introduce method `.getSAXParser()` * Prepending doctype in testcases * More comprehensive changes to redirectEntity config * Updating various old/moved URL references found across project (`jetty-10.0.x`) (#10098) * Now that the migration of `https://eclipse.org/jetty/` to `https://eclipse.dev/jetty/` has occurred, it is time to review the URI use in our project * Added more URIs to XmlConfiguration * Better SAXParseException handling to report resource that is causing the problem * Add missing DOCTYPE declarations * Enforcing unique XML ids --------- Signed-off-by: Joakim Erdfelt <[email protected]> Co-authored-by: Greg Wilkins <[email protected]>
joakime
changed the title
Allow
Allow Aug 30, 2023
SAXParserFactory
or SAXParser
to be configured in Jetty's XmlParser
classSAXParserFactory
or SAXParser
to be configured in Jetty's XmlParser
class - GHSA-58qw-p7qm-5rvh
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Jetty version(s)
10+
Enhancement Description
If the user of Jetty's
XmlParser
class wants to customize theSAXParserFactory
orSAXParser
, then there is no way for them to accomplish that.Provide an API that allows the user to customize the behaviors of these classes to suit their needs.
This addresses Advisory GHSA-58qw-p7qm-5rvh
The text was updated successfully, but these errors were encountered: