Integrated: 8314180: Disable XPath in XML Signatures
Sean Mullan
mullan at openjdk.org
Fri Jun 13 12:18:00 UTC 2025
On Tue, 10 Jun 2025 12:29:24 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> The XPath Transform is rarely used, introduces complexity, and is not recommended by the [XML Signature Best Practices](https://www.w3.org/TR/xmldsig-bestpractices/) document. Applications should use the XPath Transform 2.0 Filter instead, which was designed to be an alternative to the XPath Transform. This change will disable the XPath Transform by default.
This pull request has now been integrated.
Changeset: b5334fe2
Author: Sean Mullan <mullan at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/b5334fe23797a81b91a558f9e55cdcaaee61d37b
Stats: 14 lines in 5 files changed: 2 ins; 0 del; 12 mod
8314180: Disable XPath in XML Signatures
Reviewed-by: weijun
-------------
PR: https://git.openjdk.org/jdk/pull/25721
More information about the security-dev
mailing list