S
shenhav.yossi
Hello,
I use XFire and Tomcat to buid a web service.
I want to configure XFire to support XML 1.1 only (and not to support
DTD which is XML 1.0 standard)..
In particular I would like to prevent potenial attacker from sending
SOAP request that inculde DTD elements (otherwise known as XML bomb).
Does anybody know of such configuration?
I use XFire and Tomcat to buid a web service.
I want to configure XFire to support XML 1.1 only (and not to support
DTD which is XML 1.0 standard)..
In particular I would like to prevent potenial attacker from sending
SOAP request that inculde DTD elements (otherwise known as XML bomb).
Does anybody know of such configuration?