Don't download external entities when parsing catalog files. #596

Open
@gigermocas

Hello,

I currently have all my catalog files defined with the corresponding DTD, e.g.:

<!DOCTYPE catalog
	PUBLIC "-//OASIS//DTD XML Catalogs V1.1//EN" "http://www.oasis-open.org/committees/entity/release/1.1/catalog.dtd">
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"
         prefer="public">
	<!-- ... -->
</catalog>

The problem I'm having at the moment is that my builds are all failing because the OASIS site is having issues:
[ERROR] Failed to execute goal org.jvnet.jaxb:jaxb-maven-plugin:4.0.8:generate (generate) on project <...> Error parsing catalog [file:/<...>/src/main/resources/catalog.xml] Server returned HTTP response code: 502 for URL: http://www.oasis-open.org/committees/entity/release/1.1/catalog.dtd -> [Help 1]

Is the downloading of external entities actually required for parsing the catalog files? Something like this at least should be disabled by default due to security concerns.

My workaround was to remove the DTD declaration from the files, but I think the tool should(?) handle this.
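
Added example, not part of the issue and not the plugin's own code: a catalog file that keeps the DOCTYPE from the report can be parsed without any network fetch when the parser is told not to load the external DTD. It assumes the JDK's built-in JAXP parser (Xerces-derived) for the feature URIs; the class name, the `parseOffline` helper and the `<system>` entry are constructed for illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

public class OfflineCatalogParse {
    // Constructed sample: DOCTYPE as quoted in the issue, catalog entry made up.
    static final String CATALOG =
        "<!DOCTYPE catalog PUBLIC \"-//OASIS//DTD XML Catalogs V1.1//EN\" "
      + "\"http://www.oasis-open.org/committees/entity/release/1.1/catalog.dtd\">\n"
      + "<catalog xmlns=\"urn:oasis:names:tc:entity:xmlns:xml:catalog\" prefer=\"public\">\n"
      + "  <system systemId=\"http://example.test/schema.xsd\" uri=\"schema.xsd\"/>\n"
      + "</catalog>";

    // Hypothetical helper: parse XML text without touching the network.
    static Document parseOffline(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setValidating(false); // the DTD is not needed to read catalog entries
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Do not fetch the external DTD subset named in the DOCTYPE.
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        // Do not resolve external general or parameter entities either.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);

        DocumentBuilder b = f.newDocumentBuilder();
        // Defence in depth: anything that is still requested resolves to
        // empty content instead of a URL fetch.
        b.setEntityResolver((publicId, systemId) ->
            new InputSource(new StringReader("")));
        return b.parse(new InputSource(new StringReader(xml)));
    }

    public static void main(String[] args) throws Exception {
        Document d = parseOffline(CATALOG);
        // The root element and its entries are available with no HTTP request made.
        System.out.println(d.getDocumentElement().getLocalName());
        System.out.println(d.getElementsByTagNameNS(
            "urn:oasis:names:tc:entity:xmlns:xml:catalog", "system").getLength());
    }
}
```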
