Today I Learned: collection of notes, tips and tricks and stuff I learn from day to day working with computers and technology as an open source contributor and product manager


Avoid entity expansion

Many XML parsers support entity expansion. This is a security issue known as an XML bomb: a document can get the XML parser to expand entities recursively, letting the parser hog all resources.
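One way to avoid expansion is to refuse any document that declares entities before they can be expanded. The following is an added example, not code from the original note: it uses Python's standard `xml.parsers.expat`, and the function, exception and sample names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class EntityDeclarationForbidden(ValueError):
    """Raised when a document declares an entity in its DTD."""


def reject_entity_decl(name, is_parameter_entity, value, base,
                       system_id, public_id, notation_name):
    # expat calls this once per <!ENTITY ...> declaration, before any
    # reference to the entity is expanded. Raising here aborts the parse.
    raise EntityDeclarationForbidden(f"entity declaration not allowed: {name!r}")


def parse_xml_no_entities(data: bytes) -> ET.Element:
    """Parse XML into an ElementTree element, refusing entity declarations."""
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()
    parser.EntityDeclHandler = reject_entity_decl
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)
    return builder.close()


# Constructed sample inputs (small on purpose; not from the original note).
PLAIN_SAMPLE = b"<note><to>ops</to></note>"
NESTED_SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE note [
  <!ENTITY a "aaaa">
  <!ENTITY b "&a;&a;&a;&a;">
]>
<note>&b;</note>"""


if __name__ == "__main__":
    print(parse_xml_no_entities(PLAIN_SAMPLE).find("to").text)
    try:
        parse_xml_no_entities(NESTED_SAMPLE)
    except EntityDeclarationForbidden as exc:
        print("rejected:", exc)
```

The predefined entities (`&lt;`, `&amp;` and so on) need no declaration, so ordinary documents still parse.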