Grant McLean committed 701b345 Draft

document new default value for 'huge' option

Comments (0)

Files changed (1)

 			      a list of option => value pairs to
 			      set a different default set of options.
 			      Unless specified otherwise, the options
-			      <literal>load_ext_dtd</literal>,
-			      <literal>expand_entities</literal>, and
-			      <literal>huge</literal> are set to 1.
+			      <literal>load_ext_dtd</literal>, and
+			      <literal>expand_entities</literal> are set to 1.
 			      See <xref linkend="parser-options"/> for a list of libxml2 parser's options.
 	      <para>/parser, html, reader/</para>
               <para>relax any hardcoded limit from the parser; possible values are 0 and 1. Unless specified,
-		XML::LibXML sets this option to 1.</para>
+		XML::LibXML sets this option to 0.</para>
+              <para>Note: the default value for this option was changed to protect against denial
+                of service through entity expansion attacks.  Before enabling the option ensure
+                you have taken alternative measures to protect your application against this type
+                of attack.</para>