Bug 1165127 - [Doc Bug Fix] New configuration parameters for resteasy
Summary: [Doc Bug Fix] New configuration parameters for resteasy
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
urgent
Target Milestone: ER3
: EAP 6.4.0
Assignee: Nidhi
QA Contact: Katerina Odabasi
URL:
Whiteboard: DG
Depends On: 1090487
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-11-18 11:59 UTC by Katerina Odabasi
Modified: 2015-04-17 05:40 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Build Name: 22816, Development Guide-6.3-1 Build Date: 18-11-2014 15:56:42 Topic ID: 5555-667856 [Latest]
Last Closed: 2015-04-17 05:40:51 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Issue Tracker RESTEASY-1055 Major Closed Resteasy secure processing to be turn on by default to apply entity expansion limit 2015-04-17 05:36:43 UTC

Description Katerina Odabasi 2014-11-18 11:59:02 UTC
Title: RESTEasy Configuration Parameters

Describe the issue:
Resteasy 2.3.9 introduced two new parameters as part of the fix of BZ#1090487:

resteasy.document.secure.processing.feature
resteasy.document.secure.disableDTDs

See upstream jira RESTEASY-1055 for details.

Suggestions for improvement:
See upstream doc:
http://docs.jboss.org/resteasy/docs/2.3.7.Final/userguide/html_single/index.html#d4e39

Additional information:

Comment 1 Katerina Odabasi 2015-01-19 09:30:34 UTC
Correction of the link for the reference upstream documentation:
http://docs.jboss.org/resteasy/docs/3.0.9.Final/userguide/html_single/

The following two parameters from the above link need to be copied to the documentation:
Name: resteasy.document.secure.processing.feature 	
Default value: true
Description: Impose security constraints in processing org.w3c.dom.Document documents and JAXB object representations

Name: resteasy.document.secure.disableDTDs
Default value: true
Description: Prohibit DTDs in org.w3c.dom.Document documents and JAXB object representations


Note You need to log in before you can comment on or make changes to this bug.