defusedxml / defusedxml /

# defusedxml
# Copyright (c) 2013 by Christian Heimes <>
# Licensed to PSF under a Contributor Agreement.
# See for licensing details.
"""Defuse XML bomb denial of service vulnerabilities
from __future__ import print_function, absolute_import

from .common import (DefusedXmlException, DTDForbidden, EntitiesForbidden,
                     ExternalReferenceForbidden, NotSupportedError,

def defuse_stdlib():
    """Monkey patch and defuse all stdlib packages

    :warning: It's an HIGHLY EXPERIMETNAL and hardly tested feature.
    defused = {}

    from . import cElementTree
    from . import ElementTree
    from . import minidom
    from . import pulldom
    from . import sax
    from . import expatbuilder
    from . import expatreader
    from . import xmlrpc

    defused[xmlrpc] = None

    for defused_mod in [cElementTree, ElementTree, minidom, pulldom, sax,
                        expatbuilder, expatreader]:
        stdlib_mod = _apply_defusing(defused_mod)
        defused[defused_mod] = stdlib_mod

    return defused

__version__ = "0.5dev"