webMethods, OneData, and Terracotta  10.2 | Managing Master Data with webMethods OneData | Administering webMethods OneData | Configuring Security | Protecting Against Cross-Site Scripting | Enabling External Entities
 
Enabling External Entities
Use of external entities defined in an XML document, such as input payload for loading data into OneData using the data interchange capabilities of REST or Data Import, can lead to security threats. To prevent security threats, inclusion of XML external entities in the incoming XML payload is disabled for all users except for users with Administrator role privileges.
Use the following procedure to enable the inclusion of XML external entities for existing and new users:
1. On the Menu toolbar, click Administer > Security > Roles.
2. Click the Edit icon corresponding to the role that you want to edit or click Add New Role to create a new role.
3. Click Functions tab.
4. Under General, select Enable XML External Entities.
5. Click Save.
Copyright © 2011-2018 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release