[jira] [Created] (SOLR-16296) Load elevate.xml, currency.xml, ... in a more secure way

Haythem Khiri (Jira) Fri, 15 Jul 2022 06:02:27 -0700

Haythem Khiri created SOLR-16296:
------------------------------------

             Summary: Load elevate.xml, currency.xml, ... in a more secure way
                 Key: SOLR-16296
                 URL: https://issues.apache.org/jira/browse/SOLR-16296
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
            Reporter: Haythem Khiri



Solr should ensure that most XML files in a ConfigSet should be loaded in an 
untrusted way for security. XML files can have custom DTDs and Xinclude for 
ConfigSets provided externally.

This is not about changing how solrconfig.xml and schema.xml is being loaded.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

[jira] [Created] (SOLR-16296) Load elevate.xml, currency.xml, ... in a more secure way

Reply via email to