即使我将我的代码更改为我在网络中发现的以下内容,我每次都会一直得到这个错误:
private Document convertInputToDocument(InputStream xml) {
try {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
factory.setIgnoringElementContentWhitespace(true);
DocumentBuilder builder = factory.newDocumentBuilder();
return builder.parse(xml);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
答案 0 :(得分:0)
背后的原因是强化扫描不会编译那些使用过的软件包,因此无法看到我们提供足够的安全性!