Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8259801 Enable XML Signature secure validation mode by default
  3. JDK-8260556

Update Security Guide for Enable XML Signature secure validation mode by default

    XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 17
    • Fix Version/s: 17
    • Component/s: docs
    • Labels:

      Description

      The XML Digital Signature API Overview and Tutorial should be updated for this change. Proposed text below, do a diff against current to see what changed:

      =======

      XML Signature Secure Validation Mode

      The XML Signature secure validation mode can protect you from XML Signatures that may contain potentially hostile constructs that can cause denial-of-service or other types of security issues. The constraints are specified in the `jdk.xml.dsig.secureValidationPolicy` security property in the `java.security` configuration file.

      The XML Signature secure validation mode is enabled by default.

      If necessary, and at your own risk, you can disable the XML Signature secure validation mode by setting the "org.jcp.xml.dsig.secureValidation" property to Boolean.FALSE with the `DOMValidateContext.setProperty()` API.

        Attachments

          Activity

            People

            Assignee:
            rgallard Raymond Gallardo
            Reporter:
            mullan Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: