Branch: refs/heads/master Home: https://github.com/xwiki/xwiki-commons Commit: ce6bc970c3c528454a53a4227ea9db1bb0bad649 https://github.com/xwiki/xwiki-commons/commit/ce6bc970c3c528454a53a4227ea9d… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-10-24 (Fri, 24 Oct 2025) Changed paths: M xwiki-commons-core/xwiki-commons-xml/pom.xml A xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/CachedDocumentBuilderProvider.java M xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/DefaultHTMLCleaner.java M xwiki-commons-core/xwiki-commons-xml/src/main/resources/META-INF/components.txt M xwiki-commons-core/xwiki-commons-xml/src/test/java/org/xwiki/xml/html/DefaultHTMLCleanerComponentList.java A xwiki-commons-core/xwiki-commons-xml/src/test/java/org/xwiki/xml/internal/html/CachedDocumentBuilderProviderTest.java Log Message: ----------- XCOMMONS-3458: HTMLCleaner should use a securely configured document builder (#1482) * Configure the document builder to use secure parsing and not load external DTDs. * Introduce a new component to provide the document builder to avoid depending on too many classes in DefaultHTMLCleaner. * Add a unit test for the new component, verifying both the caching and the secure processing configuration. * Add the new component to DefaultHTMLCleanerComponentList to make it available in tests that use the HTML cleaner. * Increase test coverage to actual coverage. To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-commons/settings/notifications