From c8d112e458799721d0c78959bc591b90e2f8d199 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Filip=20Jirs=C3=A1k?= <filip@jirsak.org>
Date: Sun, 1 Jul 2018 12:45:33 +0200
Subject: [PATCH] #28 Disable downloading external resources with
 DocumentHelper.parseText() helper.

(cherry picked from commit 8f6a7f6001d679176c1079ac65871d4e493360db)
---
 src/main/java/org/dom4j/DocumentHelper.java |  3 +++

diff --git a/src/main/java/org/dom4j/DocumentHelper.java b/src/main/java/org/dom4j/DocumentHelper.java
index 26569e2d..a3a69dca 100644
--- a/src/main/java/org/dom4j/DocumentHelper.java
+++ b/src/main/java/org/dom4j/DocumentHelper.java
@@ -18,6 +18,7 @@
 import org.jaxen.VariableContext;
 
 import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
 
 /**
  * <code>DocumentHelper</code> is a collection of helper methods for using
@@ -256,6 +257,8 @@ public static void sort(List<Node> list, String expression, boolean distinct) {
      * <code>parseText</code> parses the given text as an XML document and
      * returns the newly created Document.
      * </p>
+     *
+     * Loading external DTD and entities is disabled (if it is possible) for security reasons.
      * 
      * @param text
      *            the XML text to be parsed