From 74f227590e115b157fa7a5b38594154e1debe79d Mon Sep 17 00:00:00 2001
From: ghostslayer989 <45863583+ghostslayer989@users.noreply.github.com>
Date: Fri, 28 Jun 2019 06:36:08 -0400
Subject: [PATCH] Replace xml.dom.minidom.parse which is known to be vulnerable to XML attacks. (#3933)

This code is only run during the development process when updating translations base and the source XML files are trusted data. There doesn't seem to be a downside to the change, however.
---
 data/po/extract_strings_from_XML.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/po/extract_strings_from_XML.py b/data/po/extract_strings_from_XML.py
index 19b8acf8f..d27f25b7f 100755
--- data/po/extract_strings_from_XML.py
+++ data/po/extract_strings_from_XML.py
@@ -86,7 +86,7 @@ for file in filenames:
 isAchievements = True
 try:
- doc = xml.dom.minidom.parse(file)
+ doc = defusedxml.minidom.parse(file)
 except Exception as ex:
 print "============================================"
 print "/!\\ Expat doesn't like ", file, "! Error=", type(ex), " (", ex.args, ")"
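Review bot: The new call `defusedxml.minidom.parse(file)` needs `import defusedxml.minidom`, and the diffstat (1 insertion, 1 deletion) shows that this commit adds no import; unless the module is already imported above the hunk, the name lookup raises a NameError. Because the call sits inside `try:` / `except Exception as ex:`, that error would be caught and printed as "Expat doesn't like <file>" for every input, so a missing dependency would look like malformed XML. I would add `import defusedxml.minidom` beside the existing imports and narrow the handler so that only parse errors are reported with this message. defusedxml is a third-party package, so the translation-update instructions should list it as a requirement. The enclosing `for file in filenames:` loop starts and ends outside the hunk.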