src/org/openbravo/service/rest/DalWebService.java
changeset 9917 381dd8af30f9
parent 9072 79e55dfc8af0
equal deleted inserted replaced
9916:389534944830 9917:381dd8af30f9
   377     // throw new ResourceNotFoundException("Resource " + segment + " not found", ce);
   377     // throw new ResourceNotFoundException("Resource " + segment + " not found", ce);
   378     // }
   378     // }
   379 
   379 
   380     try {
   380     try {
   381       final SAXReader reader = new SAXReader();
   381       final SAXReader reader = new SAXReader();
       
   382       reader.setFeature("http://xml.org/sax/features/external-general-entities", false);
       
   383       reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
       
   384       reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
   382       final Document document = reader.read(request.getInputStream());
   385       final Document document = reader.read(request.getInputStream());
   383 
   386 
   384       // now parse the xml and let it be translated to a set of
   387       // now parse the xml and let it be translated to a set of
   385       // of objects, note that referenced objects are supposed to be
   388       // of objects, note that referenced objects are supposed to be
   386       // present and are not inserted/updated.
   389       // present and are not inserted/updated.