import java.io.IOException;
import java.io.StringReader;
+import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
public Document getCompareDoc(String inXml) throws ParserConfigurationException, SAXException, IOException
{
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+ dbFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbFactory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ dbFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
StringReader reader = new StringReader(inXml);
InputSource inputSource = new InputSource(reader);