Xerces 2.1 cpp disable external entity dereferencing

Discussion in 'C++' started by ani.purkar, May 30, 2014.

  1. ani.purkar

    ani.purkar Guest


    I am using Xerces 2.1 C++ SAXParser for parsing the xml input.
    Is there any way to disable external entity dereferencing to avoid XEE attack for this implementation.

    I cant find setFeature or getFeature method provided with SAXParser interface.

    Any pointer would be appreciated.

    ani.purkar, May 30, 2014
    1. Advertisements

  2. ani.purkar

    Öö Tiib Guest

    From where you get that 2.1? Haven't Xerces-C++ 3.1.1 and 2.8.0
    been the latest versions for 5 years?
    Generally, If you need support with particular product then best idea is to contact its
    community, its authors and other users. Apache Xerces has mailing lists for that
    http://xerces.apache.org/mail.html They will likely ask for lot of money if you really
    want to hire them to dig in some obsolete legacy version.
    Öö Tiib, May 30, 2014
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.