maci._defuse_xml_stdlib

enable defusedxml feature

Calling this function can reduce the risk of processing XML data with Python's standard library. Under the hood it does nothing more than call defusedxml.defuse_stdlib(), which monkey patches the standard-library XML parsers with defusedxml's hardened versions.

This feature is marked EXPERIMENTAL by the defusedxml developers. See below for more information, including the external package's documentation and the official Python docs that recommend defusedxml.

The maci library provides this function to make XML handling safer and to offer a simple API for enabling that protection. Example of activating it by calling the function:

import maci

maci._defuse_xml_stdlib()

In this example we simply called the _defuse_xml_stdlib function to activate the defusedxml feature.

You only need to call this once during the runtime of the program. Call it as early as possible, before any XML data is handled: the patch works by rebinding names inside the standard-library modules, so a function imported earlier with a statement such as from xml.etree.ElementTree import fromstring keeps referring to the original, unpatched implementation.

The purpose of using defusedxml.defuse_stdlib is to patch or replace parts of the standard XML parsing libraries (xml.etree.ElementTree, xml.dom.minidom, xml.sax, and others) with safer implementations. The patched parsers refuse documents that declare entities or reference external resources instead of expanding them, which blocks the entity-expansion ("billion laughs" and quadratic blowup), external entity (XXE) and DTD-retrieval attacks listed in the Python documentation linked below. This is particularly important for applications that process XML data from untrusted sources.
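To make concrete what the patched parsers reject, here is an added example written for this page (it is not maci's or defusedxml's code and does not require either package to be installed). It builds a small entity-expansion document, shows that the plain standard-library parser expands it, and then parses the same input with a hardened expat-based parser that, like defusedxml's parsers, raises on entity declarations, external entity references and, optionally, any DTD. The exception classes, the helper names and the sample documents are all constructed for the example:

```python
"""Added example for this page (not maci's or defusedxml's code).

Reproduces the defusedxml idea with xml.parsers.expat handlers: abort the
parse as soon as the DTD declares an entity or references something
external, which happens before any expansion takes place.
"""
import xml.etree.ElementTree as ET
import xml.parsers.expat


class EntitiesForbidden(ValueError):
    """Raised when the document declares an entity (internal or external)."""


class DTDForbidden(ValueError):
    """Raised when forbid_dtd=True and the document carries a DOCTYPE."""


def make_laughs_document(depth: int, fanout: int) -> bytes:
    """Constructed 'billion laughs' style input: each entity references the
    previous level `fanout` times, so the text grows as 3 * fanout**depth."""
    lines = ['<?xml version="1.0"?>', "<!DOCTYPE lol [", '<!ENTITY lol0 "lol">']
    for level in range(1, depth + 1):
        refs = "".join(f"&lol{level - 1};" for _ in range(fanout))
        lines.append(f'<!ENTITY lol{level} "{refs}">')
    lines.append("]>")
    lines.append(f"<root>&lol{depth};</root>")
    return "\n".join(lines).encode()


def parse_unguarded(data: bytes) -> ET.Element:
    """Plain stdlib parse: internally declared entities are expanded fully."""
    return ET.fromstring(data)


def parse_guarded(data: bytes, forbid_dtd: bool = False) -> ET.Element:
    """Parse into an ElementTree Element, refusing dangerous DTD constructs.

    Expat invokes the declaration handlers while it reads the DTD, i.e.
    before the document body, so the exception fires before any entity
    reference in the body could be expanded.
    """
    builder = ET.TreeBuilder()
    parser = xml.parsers.expat.ParserCreate()

    def entity_decl(name, is_param, value, base, system_id, public_id, notation):
        kind = "external" if value is None else "internal"
        raise EntitiesForbidden(f"{kind} entity declaration {name!r} forbidden")

    def external_ref(context, base, system_id, public_id):
        raise EntitiesForbidden(f"external entity reference {system_id!r} forbidden")

    def doctype(name, system_id, public_id, has_internal_subset):
        raise DTDForbidden(f"DOCTYPE {name!r} forbidden")

    parser.EntityDeclHandler = entity_decl
    parser.ExternalEntityRefHandler = external_ref
    if forbid_dtd:
        parser.StartDoctypeDeclHandler = doctype
    # Feed element events into the stdlib TreeBuilder to get a normal tree.
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)
    return builder.close()


def check(data: bytes, forbid_dtd: bool = False) -> str:
    """Verdict helper for the guarded parser: 'ok', 'entities' or 'dtd'."""
    try:
        parse_guarded(data, forbid_dtd=forbid_dtd)
    except DTDForbidden:
        return "dtd"
    except EntitiesForbidden:
        return "entities"
    return "ok"


if __name__ == "__main__":
    laughs = make_laughs_document(depth=3, fanout=10)   # ~200 bytes of input
    print("unguarded text length:", len(parse_unguarded(laughs).text))
    print("guarded verdict:", check(laughs))
    xxe = b'<!DOCTYPE d [<!ENTITY ext SYSTEM "file:///etc/hostname">]><root>&ext;</root>'
    print("external entity verdict:", check(xxe))
```

With depth=3 and fanout=10 the unguarded parse turns about 200 bytes of input into 3000 bytes of text; raising the depth to 9 would make it gigabytes, which is the denial-of-service the patched parsers prevent. The guarded parser never reaches the body: the first entity declaration aborts the parse, and an external entity such as the constructed SYSTEM reference is rejected the same way. Note that this expat-level hardening is what defuse_stdlib installs for you across the stdlib modules; the example only shows the mechanism on one parser.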

For more information on the provided defusedxml external pkg, visit: https://pypi.org/project/defusedxml

Official Python documentation describing the standard-library XML vulnerabilities and recommending defusedxml: https://docs.python.org/3/library/xml.html#xml-vulnerabilities