mirror of
https://github.com/retailcrm/PHPExcel.git
synced 2024-11-22 21:36:05 +03:00
Added XXE protection to HTML Reader
This commit is contained in:
parent
65178504ca
commit
8f265a9342
@ -424,7 +424,7 @@ class PHPExcel_Reader_HTML extends PHPExcel_Reader_Abstract implements PHPExcel_
|
||||
// Create a new DOM object
|
||||
$dom = new domDocument;
|
||||
// Reload the HTML file into the DOM object
|
||||
$loaded = $dom->loadHTMLFile($pFilename);
|
||||
$loaded = $dom->loadHTMLFile($pFilename, PHPExcel_Settings::getLibXmlLoaderOptions());
|
||||
if ($loaded === FALSE) {
|
||||
throw new PHPExcel_Reader_Exception('Failed to load ',$pFilename,' as a DOM Document');
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user