Monday, May 28, 2018

XML Enternal Entity (XXE) Vurnability

Is GWT is prone to XXE Vulnerability by default or it require any specific configuration for that?

XML Prevention Sheet taking about settings for common XML parsers.
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet

Not sure what internally configured in GWT internal used XML parsers.

--
You received this message because you are subscribed to the Google Groups "GWT Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at https://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment