disable-external-entities
function
Usage: (disable-external-entities parser)
Modifies a SAXParser to disable external entity resolution to prevent XXE attacks
Added in Clojure version 1.11
Source
parse
function
Usage: (parse s)
(parse s startparse)
Parses and loads the source s, which can be a File, InputStream or
String naming a URI. Returns a tree of the xml/element struct-map,
which has the keys :tag, :attrs, and :content. and accessor fns tag,
attrs, and content. Other parsers can be supplied by passing
startparse, a fn taking a source and a ContentHandler and returning
a parser.
Prior to 1.11, used startparse-sax by default. As of 1.11, uses
startparse-sax-safe, which disables XXE (XML External Entity)
processing. Pass startparse-sax to revert to prior behavior.
Added in Clojure version 1.0
Source
startparse-sax
function
Usage: (startparse-sax s ch)
A startparse function suitable for use with clojure.xml/parse.
Note that this function is open to XXE entity attacks, see startparse-sax-safe.
Added in Clojure version 1.0
Source
startparse-sax-safe
function
Usage: (startparse-sax-safe s ch)
A startparse function suitable for use with clojure.xml/parse.
External entity resolution is disabled to prevent XXE entity attacks.
Added in Clojure version 1.11
Source