XML

Insights and articles on XML

Learn how to secure your APIs against XML External Entity (XEE) attacks, including XML Injection and XML Expansion attacks, with practical mitigation steps for Java and RestEasy.

TL;DR: Prevent XEE attacks in Java/RestEasy by configuring `SAXParserFactory` to disable external entities and disallow DTDs, and enabling secure processing.

Learn how to handle invalid XML characters in input data, especially when converting JSON to XML, and how to resolve issues with curl requests.

TL;DR: Sanitize XML input by using a regex to remove invalid characters. Unescape characters from curl requests before validation using Apache Commons Lang's `StringEscapeUtils.unescapeJava`.

© 2025 CloudCounsel Ltd. All rights reserved. Expert software development insights and consulting.