Skip to content

ifindya/dom4j

 
 

Repository files navigation

Maven Central codecov.io Build Status Javadocs

dom4j

dom4j is an open source framework for processing XML which is integrated with XPath and fully supports DOM, SAX, JAXP and the Java platform such as Java 2 Collections.

News

Version 2.1.4 released

See https://github.com/dom4j/dom4j/releases/tag/version-2.1.4

Version 2.0.3 and 2.1.3 released

(Version 2.1.2 has been skipped.)

Improvements

  • Added new factory method org.dom4j.io.SAXReader.createDefault(). It hase more secure defaults than new SAXReader(), which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser(). SAXReader.createDefault() disable parsing of external entities in the SAX parser.

Version 2.1.1 released

Bug fix release.

Potential breaking changes

  • If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j.

Fixed issues

  • #28 Possible vulnerability of DocumentHelper.parseText() to XML injection (reported by @s0m30ne)
  • #34 CVS directories left in the source tree (reported by @ebourg)
  • #38 XMLWriter does not escape supplementary unicode characters correctly (reported by @abenkovskii)
  • #39 writer.writeOpen(x) doesn't write namespaces (reported by @borissmidt)
  • #40 concurrency problem with QNameCache (@jbennett2091)
  • #43 and #46 all dependencies are optional (reported by @Zardoz89 and @vmassol)
  • #44 SAXReader: hardcoded namespace features (reported by @philippeu)
  • #48 validate QNames (reported by @mario-areias)

About

flexible XML framework for Java

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 97.6%
  • HTML 2.1%
  • XSLT 0.3%