jgm
commented
3 years ago OK, I've changed this, adding a new adjustable parameter for the max size of any single entity expansion, and better code for avoiding loops. I've also added more tests.
Closed jgm closed 3 years ago
jgm
commented
3 years ago OK, I've changed this, adding a new adjustable parameter for the max size of any single entity expansion, and better code for avoiding loops. I've also added more tests.
k0ral
commented
3 years ago Squashed and merged, thank you !
jgm
commented
3 years ago Great, thank you for the quick merge. When do you expect a new release of xml-conduit? I am looking forward to switching skylighting from HXT, but this awaits these fixes.
This puts a limit on recursion depth (10) to avoid loops and other attacks.
Fixes #103.