Disable XML entity resolution completely to fix a dos vulnerability