public static WxMpXMLInMemoryConfigStorage fromXml(InputStream is) throws JAXBException {
Unmarshaller um = JAXBContext.newInstance(WxMpXMLInMemoryConfigStorage.class).createUnmarshaller();
InputSource inputSource = new InputSource(is);
inputSource.setEncoding("utf-8");
return (WxMpXMLInMemoryConfigStorage) um.unmarshal(inputSource);
}
中 return 一行提示:
XML parser configured in WxMpXMLInMemoryConfigStorage.java:34 does not
prevent nor limit external entities resolution. This can expose the parser to an XML
External Entities attack.
IP卡
狗仔卡
发表于 2017-8-25 16:36:47
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
发表于 2017-8-28 17:53:18
楼主