Important: Please read the Qt Code of Conduct -

How to set the default XmlReader or SvgReader in a Qt application

  • Hi!

    My Application displays html text in all sorts of widgets. I would like to be able to disable some of the features
    that come up with HTML, including svg and xml, to protect against e.g. lol bombs.

    My questions:

    • how can I get/modify the default XmlReader that Qt uses for parsing xml ? I want to set a entityResolver that does nothing, by doing something like:


    .. but there's no such method as getDefaultXmlReader()

    • how can I disable svg at compilation time ? Apparently setting QT_NO_SVG has no effect except if recompilign Qt.

    Thanks a lot for your help!

  • Moderators


    How are you currently parsing XML documents? There is no "default XML reader". You need to explicitly instantiate a "QXmlStreamReader":, or explicitly use the classes from the older "Qt XML module":

    SVG support is provided through a separate "Qt SVG module": Simply omit the module from your project, and don't deploy the SVG-related shared libraries with your app. Your app won't read SVG files then.

  • Thanks for the reply.

    I'm parsing XML documents implicitly when I do:

    myRTextBrowser->setHtml( string_in_html ) ;


    myLabel->setText( string_in_html ) ;

    when doing that, Qt parses the html in the string and interprets all content, includign embedded images, some of which are SVG => calls a Xml parser.

    So there must be somewhere in Qt, a default XmlParser object on which I can call setDefaultEntityResolver(NULL).

  • Moderators

    QTextBrowser and QLabel use a rich text engine which supports a subset of HTML and CSS, but doesn't understand XML entities (see ). Unrecognized tags are simply ignored; any textual content within the unrecognized tags are displayed as plain text.

    Inputting a HTML document with embedded SVG (e.g. ) displays the text, but not the image.

    Inputting a lol bomb is harmless, as it won't get expanded.

Log in to reply