Run this command to install the SDK:

npm install cloudmersive-validate-api-client --save

Or add this snippet to your package.json:

  "dependencies": {
    "cloudmersive-validate-api-client": "^1.3.9"

var CloudmersiveValidateApiClient = require('cloudmersive-validate-api-client');
var defaultClient = CloudmersiveValidateApiClient.ApiClient.instance;

// Configure API key authorization: Apikey
var Apikey = defaultClient.authentications['Apikey'];
Apikey.apiKey = 'YOUR API KEY';

var apiInstance = new CloudmersiveValidateApiClient.TextInputApi();

var request = new CloudmersiveValidateApiClient.XxeDetectionBatchRequest(); // XxeDetectionBatchRequest | 

var callback = function(error, data, response) {
  if (error) {
  } else {
    console.log('API called successfully. Returned data: ' + data);
apiInstance.textInputCheckXxeBatch(request, callback);

Run this command to install the SDK:

pip install cloudmersive-validate-api-client

from __future__ import print_function
import time
import cloudmersive_validate_api_client
from import ApiException
from pprint import pprint

# Configure API key authorization: Apikey
configuration = cloudmersive_validate_api_client.Configuration()
configuration.api_key['Apikey'] = 'YOUR_API_KEY'

# create an instance of the API class
api_instance = cloudmersive_validate_api_client.TextInputApi(cloudmersive_validate_api_client.ApiClient(configuration))
value = 'value_example' # str | User-facing text input.
allow_internet_urls = true # bool | Optional: Set to true to allow Internet-based dependency URLs for DTDs and other XML External Entitites, set to false to block.  Default is false. (optional)
known_safe_urls = 'known_safe_urls_example' # str | Optional: Comma separated list of fully-qualified URLs that will automatically be considered safe. (optional)
known_unsafe_urls = 'known_unsafe_urls_example' # str | Optional: Comma separated list of fully-qualified URLs that will automatically be considered unsafe. (optional)

    # Protect text input from XML External Entity (XXE) attacks
    api_response = api_instance.text_input_check_xxe(value, allow_internet_urls=allow_internet_urls, known_safe_urls=known_safe_urls, known_unsafe_urls=known_unsafe_urls)
except ApiException as e:
    print("Exception when calling TextInputApi->text_input_check_xxe: %s\n" % e)

Run this command to install the SDK:

Install-Package Cloudmersive.APIClient.NET.Validate -Version 3.2.0

using System;
using System.Diagnostics;
using Cloudmersive.APIClient.NET.Validate.Api;
using Cloudmersive.APIClient.NET.Validate.Client;
using Cloudmersive.APIClient.NET.Validate.Model;

namespace Example
    public class TextInputCheckXxeBatchExample
        public void main()
            // Configure API key authorization: Apikey
            Configuration.Default.AddApiKey("Apikey", "YOUR_API_KEY");

            var apiInstance = new TextInputApi();
            var request = new XxeDetectionBatchRequest(); // XxeDetectionBatchRequest | 

                // Protect text input from XML External Entity (XXE) attacks
                XxeDetectionBatchResponse result = apiInstance.TextInputCheckXxeBatch(request);
            catch (Exception e)
                Debug.Print("Exception when calling TextInputApi.TextInputCheckXxeBatch: " + e.Message );

To install with Maven, add a reference to the repository in pom.xml:


And add a reference to the dependency in pom.xml:


To install with Gradle, add it in your root build.gradle at the end of repositories:

allprojects {
	repositories {
		maven { url '' }

And add the dependency in build.gradle:

dependencies {
        implementation 'com.github.Cloudmersive:Cloudmersive.APIClient.Java:v4.25'

// Import classes:
//import com.cloudmersive.client.invoker.ApiClient;
//import com.cloudmersive.client.invoker.ApiException;
//import com.cloudmersive.client.invoker.Configuration;
//import com.cloudmersive.client.invoker.auth.*;
//import com.cloudmersive.client.ContentThreatDetectionApi;

ApiClient defaultClient = Configuration.getDefaultApiClient();

// Configure API key authorization: Apikey
ApiKeyAuth Apikey = (ApiKeyAuth) defaultClient.getAuthentication("Apikey");
Apikey.setApiKey("YOUR API KEY");
// Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null)

ContentThreatDetectionApi apiInstance = new ContentThreatDetectionApi();
String value = "value_example"; // String | User-facing text input.
try {
    StringXxeDetectionResult result = apiInstance.contentThreatDetectionCheckXxe(value);
} catch (ApiException e) {
    System.err.println("Exception when calling ContentThreatDetectionApi#contentThreatDetectionCheckXxe");

Run this command to install the SDK:

composer require cloudmersive/cloudmersive_validate_api_client

require_once(__DIR__ . '/vendor/autoload.php');

// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');

$apiInstance = new Swagger\Client\Api\TextInputApi(
    new GuzzleHttp\Client(),
$request = new \Swagger\Client\Model\XxeDetectionBatchRequest(); // \Swagger\Client\Model\XxeDetectionBatchRequest | 

try {
    $result = $apiInstance->textInputCheckXxeBatch($request);
} catch (Exception $e) {
    echo 'Exception when calling TextInputApi->textInputCheckXxeBatch: ', $e->getMessage(), PHP_EOL;

Add the Objective-C client to your Podfile:

Add the Ruby client to your Gemfile:

gem install cloudmersive-security-api-client

# load the gem
require 'cloudmersive-security-api-client'
# setup authorization
CloudmersiveSecurityApiClient.configure do |config|
  # Configure API key authorization: Apikey
  config.api_key['Apikey'] = 'YOUR API KEY'
  # Uncomment the following line to set a prefix for the API key, e.g. 'Bearer' (defaults to nil)
  #config.api_key_prefix['Apikey'] = 'Bearer'

api_instance =

value = 'value_example' # String | User-facing text input.

  #Protect text input from XML External Entity (XXE) attacks
  result = api_instance.content_threat_detection_check_xxe(value)
  p result
rescue CloudmersiveSecurityApiClient::ApiError => e
  puts "Exception when calling ContentThreatDetectionApi->content_threat_detection_check_xxe: #{e}"

Download and copy the /client folder into your Apex project:

Download Apex Client

SwagContentThreatDetectionApi api = new SwagContentThreatDetectionApi();
SwagClient client = api.getClient();

// Configure API key authorization: Apikey
ApiKeyAuth Apikey = (ApiKeyAuth) client.getAuthentication('Apikey');
Apikey.setApiKey('YOUR API KEY');

Map<String, Object> params = new Map<String, Object>{
    'value' => 'value_example'

try {
    // cross your fingers
    SwagStringXxeDetectionResult result = api.contentThreatDetectionCheckXxe(params);
} catch (Swagger.ApiException e) {
    // ...handle your exceptions

Install libcurl in your C/C++ project:

CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
     curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
     curl_easy_setopt(curl, CURLOPT_URL, "");
     curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
     struct curl_slist *headers = NULL;
     headers = curl_slist_append(headers, "Content-Type: application/json");
     headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
     curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
     const char *data = "\"<string>\"";
     curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
     res = curl_easy_perform(curl);
curl --location --request POST '' \
--header 'allowInternetUrls: <boolean>' \
--header 'knownSafeUrls: <string>' \
--header 'knownUnsafeUrls: <string>' \
--header 'Content-Type: application/json' \
--header 'Apikey: YOUR-API-KEY-HERE' \
--data-raw '"<string>"'
import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking

var semaphore = DispatchSemaphore (value: 0)

let parameters = "\"<string>\""
let postData = .utf8)

var request = URLRequest(url: URL(string: "")!,timeoutInterval: Double.infinity)
request.addValue("<boolean>", forHTTPHeaderField: "allowInternetUrls")
request.addValue("<string>", forHTTPHeaderField: "knownSafeUrls")
request.addValue("<string>", forHTTPHeaderField: "knownUnsafeUrls")
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("YOUR-API-KEY-HERE", forHTTPHeaderField: "Apikey")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in 
     guard let data = data else {
          print(String(describing: error))
     print(String(data: data, encoding: .utf8)!)


This code snippet uses the built-in JavaScript XHR request capability

var data = JSON.stringify({
     "RequestItems": [
               "InputText": "<string>",
               "AllowInternetUrls": "<boolean>",
               "KnownSafeUrls": [
               "KnownUnsafeUrls": [
               "InputText": "<string>",
               "AllowInternetUrls": "<boolean>",
               "KnownSafeUrls": [
               "KnownUnsafeUrls": [

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function() {
     if(this.readyState === 4) {
});"POST", "");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Apikey", "YOUR-API-KEY-HERE");

package main

import (

func main() {

     url := ""
     method := "POST"

     payload := strings.NewReader(`"<string>"`)

     client := &http.Client {
     req, err := http.NewRequest(method, url, payload)

     if err != nil {
     req.Header.Add("Content-Type", "application/json")
     req.Header.Add("Apikey", "YOUR-API-KEY-HERE")

     res, err := client.Do(req)
     if err != nil {
     defer res.Body.Close()

     body, err := ioutil.ReadAll(res.Body)
     if err != nil {

Walkthrough Video