diff --git a/spring-web/src/main/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverter.java b/spring-web/src/main/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverter.java index e4a540e584..81fb9373e3 100644 --- a/spring-web/src/main/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverter.java +++ b/spring-web/src/main/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverter.java @@ -229,7 +229,7 @@ public class Jaxb2CollectionHttpMessageConverter */ protected XMLInputFactory createXmlInputFactory() { XMLInputFactory inputFactory = XMLInputFactory.newInstance(); - inputFactory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, false); + inputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false); return inputFactory; } diff --git a/spring-web/src/test/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverterTests.java b/spring-web/src/test/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverterTests.java index 344362036e..ef56a13aa5 100644 --- a/spring-web/src/test/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverterTests.java +++ b/spring-web/src/test/java/org/springframework/http/converter/xml/Jaxb2CollectionHttpMessageConverterTests.java @@ -126,7 +126,7 @@ public class Jaxb2CollectionHttpMessageConverterTests { @Test @SuppressWarnings("unchecked") - public void readXmlRootElementWithExternalEntity() throws Exception { + public void readXmlRootElementExternalEntityDisabled() throws Exception { Resource external = new ClassPathResource("external.txt", getClass()); String content = "&ext;"; MockHttpInputMessage inputMessage = new MockHttpInputMessage(content.getBytes("UTF-8")); - // Now read with Jaxb2CollectionHttpMessageConverter c = new Jaxb2CollectionHttpMessageConverter>() { @Override protected XMLInputFactory createXmlInputFactory() {