Apache Xerces2 J

Splitpackage not allowed on modulepath

AFAIU this is a duplicate of XERCESJ-1689 which has been fixed long ago for version 2.12.3, but, alas, this version is still not released. A new java version requirement is not requested, just a new release of version 2.12.3 to become compatible Read more

Few thoughts on this topic. I guess, XercesJ team currently doesn't have a development goal to provide a future release that is natively aware of Java's module system. But for e.g, if XercesJ might support Java's module system, that we need to Read more

I am working with Java 17 completly based on the module path - so unit tests also there - also using cucumber. When using     xerces     xercesImpl     2.12.2 Read more

Add support for jdk.xml.maxElementDepth to SecureProcessingConfiguration.

Parsing xml cannot limit the maximum element depth, resulting in excessive memory usage and DOS.

I also view this as a feature request and it probably belongs in org.apache.xerces.parsers.SecureProcessingConfiguration with all the other similar properties that have been added to the JDK. I wrote that class, but I'll admit never made much fanfare Read more

This is not a bug, it's a feature request, though I don't have edit rights in this issue tracker. There is a case to be made for adding this feature, but adding it is unlikely to help with your particular concern. You need a more memory efficient Read more

The service with a heap size of 250M is just an example I gave, and the actual business is larger than this configuration. Parsing an xml file of similar size, shallow depth, but with the same number of elements takes up about the same amount of Read more

Parsing xml cannot limit the maximum element depth, resulting in excessive memory usage and DOS.