4. Howto protect my app from xml bombs?

Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Howto protect my app from xml bombs?


  • My Qt app displays Html text that is supplied by external users, and I can't control what content it will get to display. In order to prevent my app from crashing because of a Xml bomb (e.g. blillion laughs bombs etc) I would like Qt to use my own XmlEntityResolver in all qwidgets.

    Where can I replace the default QXmlEntityResolver throughout the entire application ?

    I'm looking for something like:

    QApplication::setDefaultXmlEntityResolver( new MyOwnEntityResolver() )

    ... but it appears it's not so easy.

    Can you help me?

    Thanks a lot in advance

    0
Log in to reply