defusedxml / defusedxml /

# defusedxml
# Copyright (c) 2013 by Christian Heimes <>
# Licensed to PSF under a Contributor Agreement.
# See for licensing details.
"""Defuse XML bomb denial of service vulnerabilities
from __future__ import print_function, absolute_import

from .common import (DefusedXmlException, DTDForbidden, EntitiesForbidden,
                     ExternalReferenceForbidden, NotSupportedError,

def defuse_stdlib():
    """Monkey patch and defuse all stdlib packages

    :warning: It's an HIGHLY EXPERIMETNAL and hardly tested feature.
    defused = {}

    from . import cElementTree
    from . import ElementTree
    from . import minidom
    from . import pulldom
    from . import sax
    from . import expatbuilder
    from . import expatreader
    from . import xmlrpc

    defused[xmlrpc] = None

    for defused_mod in [cElementTree, ElementTree, minidom, pulldom, sax,
                        expatbuilder, expatreader]:
        stdlib_mod = _apply_defusing(defused_mod)
        defused[defused_mod] = stdlib_mod

    return defused

__version__ = "0.4"
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.