Reviewed: https://review.openstack.org/519618 Committed: https://git.openstack.org/cgit/openstack/cinder/commit/?id=21362156125cadc0cddbffdc911d15a29c949902 Submitter: Zuul Branch: master
commit 21362156125cadc0cddbffdc911d15a29c949902 Author: lijing <email address hidden> Date: Tue Nov 14 18:59:29 2017 +0800
use defusedxml to avoid XML attack
According to https://docs.openstack.org/bandit/latest/api/bandit.blacklists.html
Using various XML methods to parse untrusted XML data is known to be vulnerable to XML attacks. Methods should be replaced with their defusedxml equivalents.
Change-Id: Icdd807c8fd47ce0df3e292eef910e6e6e7610686 Partial-Bug: #1732155
Reviewed: https:/ /review. openstack. org/519618 /git.openstack. org/cgit/ openstack/ cinder/ commit/ ?id=21362156125 cadc0cddbffdc91 1d15a29c949902
Committed: https:/
Submitter: Zuul
Branch: master
commit 21362156125cadc 0cddbffdc911d15 a29c949902
Author: lijing <email address hidden>
Date: Tue Nov 14 18:59:29 2017 +0800
use defusedxml to avoid XML attack
According to https:/ /docs.openstack .org/bandit/ latest/ api/bandit. blacklists. html
Using various XML methods to parse untrusted XML data is known to be vulnerable
to XML attacks. Methods should be replaced with their defusedxml equivalents.
Change-Id: Icdd807c8fd47ce 0df3e292eef910e 6e6e7610686
Partial-Bug: #1732155