mirror of
https://github.com/openhab/openhab-addons.git
synced 2025-01-10 15:11:59 +01:00
made Enigma2 binding compile again after merge of private branch
Signed-off-by: Kai Kreuzer <kai@openhab.org>
This commit is contained in:
parent
1c0da8367e
commit
4276f5cae0
@ -81,16 +81,19 @@ public class Enigma2Client {
|
||||
private final Enigma2HttpClient enigma2HttpClient;
|
||||
private final DocumentBuilderFactory factory;
|
||||
|
||||
public Enigma2Client(String host, @Nullable String user, @Nullable String password, int requestTimeout)
|
||||
throws ParserConfigurationException {
|
||||
public Enigma2Client(String host, @Nullable String user, @Nullable String password, int requestTimeout) {
|
||||
enigma2HttpClient = new Enigma2HttpClient(requestTimeout);
|
||||
factory = DocumentBuilderFactory.newInstance();
|
||||
// see https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
|
||||
try {
|
||||
factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
|
||||
factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
|
||||
factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
|
||||
factory.setXIncludeAware(false);
|
||||
factory.setExpandEntityReferences(false);
|
||||
} catch (ParserConfigurationException e) {
|
||||
logger.warn("Failed setting parser features against XXE attacks!", e);
|
||||
}
|
||||
if (StringUtils.isNotEmpty(user) && StringUtils.isNotEmpty(password)) {
|
||||
this.host = "http://" + user + ":" + password + "@" + host;
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user