For librsvg, I’m in need of an XML parser that supports entities. I know about entity expansion attacks and how they are mitigated (e.g. what libxml2 does).
I’m tempted to add support for entity expansion to xml-rs, but since entities are declared in the DOCTYPE, it kind of ties with DTDs and validation.
So here’s a poll. Do you use XML with Rust and require XML validation with DTDs? Do you require entities?