Code Room
Code review · Hard · cr-g559
Subject: Security input validation xxe
Level: Senior–Staff
~20 min
Common in: ML systems · Security · Algorithms & data structures interviews
Industries: Software development, IT services

Question

Review this Java endpoint that parses an uploaded XML document.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to review (java)

public Document parseUpload(InputStream xml) throws Exception {
    DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    DocumentBuilder builder = dbf.newDocumentBuilder();
    Document doc = builder.parse(xml);
    doc.getDocumentElement().normalize();
    return doc;
}