mirror of
https://github.com/retailcrm/PHPExcel.git
synced 2024-11-22 21:36:05 +03:00
Added XXE protection to HTML Reader
This commit is contained in:
parent
65178504ca
commit
8f265a9342
@ -424,7 +424,7 @@ class PHPExcel_Reader_HTML extends PHPExcel_Reader_Abstract implements PHPExcel_
|
|||||||
// Create a new DOM object
|
// Create a new DOM object
|
||||||
$dom = new domDocument;
|
$dom = new domDocument;
|
||||||
// Reload the HTML file into the DOM object
|
// Reload the HTML file into the DOM object
|
||||||
$loaded = $dom->loadHTMLFile($pFilename);
|
$loaded = $dom->loadHTMLFile($pFilename, PHPExcel_Settings::getLibXmlLoaderOptions());
|
||||||
if ($loaded === FALSE) {
|
if ($loaded === FALSE) {
|
||||||
throw new PHPExcel_Reader_Exception('Failed to load ',$pFilename,' as a DOM Document');
|
throw new PHPExcel_Reader_Exception('Failed to load ',$pFilename,' as a DOM Document');
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user