diff options
Diffstat (limited to 'Doc/library/xml.sax.rst')
| -rw-r--r-- | Doc/library/xml.sax.rst | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Doc/library/xml.sax.rst b/Doc/library/xml.sax.rst index 78d6633..aa3ea9b 100644 --- a/Doc/library/xml.sax.rst +++ b/Doc/library/xml.sax.rst @@ -24,6 +24,14 @@ the SAX API. constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. +.. versionchanged:: 3.8 + + The SAX parser no longer processes general external entities by default + to increase security. Before, the parser created network connections + to fetch remote files or loaded local files from the file + system for DTD and entities. The feature can be enabled again with method + :meth:`~xml.sax.xmlreader.XMLReader.setFeature` on the parser object + and argument :data:`~xml.sax.handler.feature_external_ges`. The convenience functions are: |