Module defusedxml.lxml
is not fully protected and is deprecated
#31
Labels
defusedxml.lxml
is not fully protected and is deprecated
#31
We rely on function
defusedxml.lxml.fromstring()
for our functionlibs.xml_utils.parse_untrusted_xml()
. What should we use instead?Source
Source
CC @jtrh
Alternatives
Perhaps there are others?
defusedxml.ElementTree.fromstring
defusedxml.cElementTree.fromstring
The text was updated successfully, but these errors were encountered: