Sync generated files ("make sync")

hartwork · hartwork · commit 519a888e6af5 · 2025-11-25T21:35:39.000+01:00
diff --git a/doc/xml-security/index.html b/doc/xml-security/index.html
@@ -109,14 +109,14 @@ <h1>Overview</h1>
 <li><a href="#billion-laughs">Billion laughs attack</a></li>
 </ul>
 <h1><a name="external-entities"></a> External entities (XXE)</h1>
-<p>XML eXternal Entity (XXE) vulnerabilities are a common security problem in applications that parse XML
-files.</p>
-<p>XXE attacks rely on accessing files via <code>file://</code> URLs. Some variations (Blind XXE) also utilize access
-to remote URLs (e.g, <code>https://</code>, <code>ftp://</code>). By default, Expat does not access external URLs (both local
-and remote) and is, therefore, not affected by XXE.</p>
-<p>Expat only supports accessing URLs if a URL handler is configured via
+<p><a href="https://en.wikipedia.org/wiki/XML_external_entity_attack"><strong>X</strong>ML e<strong>X</strong>ternal <strong>E</strong>ntity (XXE) vulnerabilities</a>
+are a common security problem in applications that parse XML files.</p>
+<p>XXE attacks rely on accessing files via <code>file://</code>, <code>https://</code>, <code>ftp://</code> or relative URLs.
+By default, Expat does not access external URLs — neither local nor remote — and is,
+therefore, not affected by XXE.</p>
+<p>Expat only supports accessing URLs if a self-made external entity handler is configured via
 <a href="https://libexpat.github.io/doc/api/latest/#XML_SetExternalEntityRefHandler"><code>XML_SetExternalEntityRefHandler</code></a>.
-Configuring a URL handler is therefore risky and should not be done if untrusted XML input is
+Configuring such a handler is therefore risky and should not be done if untrusted XML input is
 expected.</p>
 <h1><a name="billion-laughs"></a> Billion laughs attack</h1>
 <p>TODO</p>
