Xerces 2.1 cpp disable external entity dereferencing


A

ani.purkar

hi,

I am using Xerces 2.1 C++ SAXParser for parsing the xml input.
Is there any way to disable external entity dereferencing to avoid XEE attack for this implementation.

I cant find setFeature or getFeature method provided with SAXParser interface.

Any pointer would be appreciated.

Thanks.
 
Ad

Advertisements

Ö

Öö Tiib

I am using Xerces 2.1 C++ SAXParser for parsing the xml input.

From where you get that 2.1? Haven't Xerces-C++ 3.1.1 and 2.8.0
been the latest versions for 5 years?
Is there any way to disable external entity dereferencing to avoid XEE attack for this implementation.

I cant find setFeature or getFeature method provided with SAXParser interface.

Any pointer would be appreciated.

Generally, If you need support with particular product then best idea is to contact its
community, its authors and other users. Apache Xerces has mailing lists for that
http://xerces.apache.org/mail.html They will likely ask for lot of money if you really
want to hire them to dig in some obsolete legacy version.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top