From c3e0026effb9cb43cd22b574a3361f3d5c3b92a7 Mon Sep 17 00:00:00 2001
From: Michael Vorburger <mike@vorburger.ch>
Date: Sat, 4 Jan 2025 01:03:47 +0100
Subject: [PATCH] fix  (core): Address real security vulnerability, TX
 DeepSource JAVA-A1052

---
 java/dev/enola/common/xml/XML.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/dev/enola/common/xml/XML.java b/java/dev/enola/common/xml/XML.java
index fb7e7475c..8b48b38ea 100644
--- a/java/dev/enola/common/xml/XML.java
+++ b/java/dev/enola/common/xml/XML.java
@@ -61,7 +61,7 @@ private static String normalizeXML(InputStream inputStream, boolean format)
         // TODO Use streaming SAX instead of DOM; and break this up... use XmlResourceParser
 
         DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
-        factory.setAttribute(XMLConstants.FEATURE_SECURE_PROCESSING, true); // #security
+        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); // #security
         DocumentBuilder builder = factory.newDocumentBuilder();
 
         Document document = builder.parse(new InputSource(inputStream));