描述
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
解决方案:
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Prevention_Cheat_Sheet#SAXReader