Java tutorial
//package com.java2s; import org.w3c.dom.Document; import org.xml.sax.InputSource; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import java.io.StringReader; public class Main { public static Document parseXml(String xml) { try { DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); dbFactory.setNamespaceAware(true); setUpSecurity(dbFactory); DocumentBuilder dBuilder = dbFactory.newDocumentBuilder(); return dBuilder.parse(new InputSource(new StringReader(xml))); } catch (Exception e) { throw new RuntimeException(e); } } private static void setUpSecurity(DocumentBuilderFactory dbFactory) throws ParserConfigurationException { dbFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); dbFactory.setFeature("http://xml.org/sax/features/external-general-entities", false); dbFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); dbFactory.setXIncludeAware(false); dbFactory.setExpandEntityReferences(false); } }