Disable access to external entities in XML parsing

• 使用SAXReader读取XML数据

		SAXReader saxReader = new SAXReader();
        Document userDocument = null;
        try {
    
            // 读取xml数据为Document对象
            Document document = saxReader.read(new ByteArrayInputStream(xmlData.getBytes(StandardCharsets.UTF_8)));
            String signatureContent = document.getRootElement().element("signatureContent").getData().toString();
            // Base64解析获取数据
            byte[] byteData = Base64.decode(signatureContent);
            String data = new String(byteData, StandardCharsets.UTF_8);
            userDocument = saxReader.read(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)));
            } catch (DocumentException e) {
    
            }

• 使用SonarLint扫描代码提示Disable access to external entities in XML parsing，提示风险禁止在XML解析中访问外部实体

		// 关闭DTD解析
        SAXReader saxReader = SAXReader.createDefault();
        Document userDocument = null;
        try {
    
            // 读取xml数据为Document对象
            Document document = saxReader.read(new ByteArrayInputStream(xmlData.getBytes(StandardCharsets.UTF_8)));
            String signatureContent = document.getRootElement().element("signatureContent").getData().toString();
            // Base64解析获取数据
            byte[] byteData = Base64.decode(signatureContent);
            String data = new String(byteData, StandardCharsets.UTF_8);
            userDocument = saxReader.read(new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)));
        } catch (DocumentException e) {
    
            result.addElement("status").addText("1");
            result.addElement("failReason").addText(e.getMessage());
            log.error("解析xml数据失败: " + e.getMessage(), e);
        }

使用SAXReader.createDefault()来生成解析器，里面设置关闭了DTO解析。