Disable access to external entities in XML parsing

• Use SAXReader Read XML data

		SAXReader saxReader = new SAXReader();
        Document userDocument = null;
        try {
    
            //  Read xml The data is Document object 
            Document document = saxReader.read(new ByteArrayInputStream(xmlData.getBytes(StandardCharsets.UTF_8)));
            String signatureContent = document.getRootElement().element("signatureContent").getData().toString();
            // Base64 Parse and get data 
            byte[] byteData = Base64.decode(signatureContent);
            String data = new String(byteData, StandardCharsets.UTF_8);
            userDocument = saxReader.read(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)));
            } catch (DocumentException e) {
    
            }

• Use SonarLint Scan code prompt Disable access to external entities in XML parsing, Remind that risks are prohibited in XML Accessing external entities in parsing

		//  close DTD analysis 
        SAXReader saxReader = SAXReader.createDefault();
        Document userDocument = null;
        try {
    
            //  Read xml The data is Document object 
            Document document = saxReader.read(new ByteArrayInputStream(xmlData.getBytes(StandardCharsets.UTF_8)));
            String signatureContent = document.getRootElement().element("signatureContent").getData().toString();
            // Base64 Parse and get data 
            byte[] byteData = Base64.decode(signatureContent);
            String data = new String(byteData, StandardCharsets.UTF_8);
            userDocument = saxReader.read(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)));
        } catch (DocumentException e) {
    
            result.addElement("status").addText("1");
            result.addElement("failReason").addText(e.getMessage());
            log.error(" analysis xml The data of failure : " + e.getMessage(), e);
        }

Use SAXReader.createDefault() To generate a parser , The settings inside are turned off DTO analysis .