diff --git a/src/main/java/hudson/plugins/fitnesse/ConvertReport.java b/src/main/java/hudson/plugins/fitnesse/ConvertReport.java index abc27f1..ca2ff56 100644 --- a/src/main/java/hudson/plugins/fitnesse/ConvertReport.java +++ b/src/main/java/hudson/plugins/fitnesse/ConvertReport.java @@ -5,6 +5,7 @@ import javax.xml.transform.*; import javax.xml.transform.stream.StreamResult; import javax.xml.transform.stream.StreamSource; +import javax.xml.*; import java.io.*; /** @@ -18,6 +19,8 @@ public static void generateJunitResult(FilePath inputFilePath, FilePath outputFi Source stylesheetSource = new StreamSource(reader); TransformerFactory factory = TransformerFactory.newInstance(); + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + Transformer transformer = factory.newTransformer(stylesheetSource); Source inputSource = new StreamSource(inputFilePath.read()); diff --git a/src/main/java/hudson/plugins/fitnesse/FitnessePlugin.java b/src/main/java/hudson/plugins/fitnesse/FitnessePlugin.java index ad60cde..27c50f5 100644 --- a/src/main/java/hudson/plugins/fitnesse/FitnessePlugin.java +++ b/src/main/java/hudson/plugins/fitnesse/FitnessePlugin.java @@ -12,6 +12,7 @@ import javax.xml.transform.TransformerFactory; import javax.xml.transform.TransformerFactoryConfigurationError; import javax.xml.transform.stream.StreamSource; +import javax.xml.*; public class FitnessePlugin extends Plugin { static Templates templates; @@ -31,6 +32,7 @@ private static void initTemplate() throws TransformerFactoryConfigurationError, StreamSource xslSource = new StreamSource(isDeBom); TransformerFactory transformerFactory = TransformerFactory.newInstance(); + transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); templates = transformerFactory.newTemplates(xslSource); } finally { if (is != null)