TechQA.

How to disable External Entity Resolution in xerces C++ DOMLSParser

918 views Asked by At

We are using Xerces C++ DOMLSParser. I want to disable External Entities but could not find anything for DOMLSParser.

How to disable Loading External Entities to prevent XXE attacks?

xml xerces xerces-c xxe
Original Q&A
1

There are 1 answers

0
Arne Luenser On 
xercesc::DOMImplementation* impl = xercesc::DOMImplementationRegistry::getDOMImplementation (u"LS");
xercesc::DOMLSParser* parser = impl->createLSParser(xercesc::DOMImplementationLS::MODE_SYNCHRONOUS, nullptr);
xercesc::DOMConfiguration* conf = parser->getDomConfig();
conf->setParameter(xercesc::XMLUni::fgDOMEntities, false);

Documentation: https://xerces.apache.org/xerces-c/program-dom-3.html (search for fgDOMEntities)

Related Questions in XML

Related Questions in XERCES

Related Questions in XERCES-C

Related Questions in XXE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions