]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9fb051f) | patch
bpo-17239: Disable external entities in SAX parser (GH-9217)
authorChristian Heimes <christian@python.org>
Sun, 23 Sep 2018 07:50:25 +0000 (09:50 +0200)
committerMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 23 Sep 2018 07:50:25 +0000 (00:50 -0700)
commit17b1d5d4e36aa57a9b25a0e694affbd1ee637e45
tree486acd3328d5e607bd05936fdfb73eb548d4fa90tree | snapshot
parent9fb051f032c36b9f6086b79086b4d6b7755a3d70commit | diff
bpo-17239: Disable external entities in SAX parser (GH-9217)

The SAX parser no longer processes general external entities by default
to increase security. Before, the parser created network connections
to fetch remote files or loaded local files from the file system for DTD
and entities.

Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue17239
Doc/library/xml.dom.pulldom.rst diff | blob | history
Doc/library/xml.rst diff | blob | history
Doc/library/xml.sax.rst diff | blob | history
Doc/whatsnew/3.8.rst diff | blob | history
Lib/test/test_pulldom.py diff | blob | history
Lib/test/test_sax.py diff | blob | history
Lib/test/test_xml_etree.py diff | blob | history
Lib/xml/sax/expatreader.py diff | blob | history
Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.