backend/src/main/java/com/printcalculator/service/SlicerService.java

@@ -639,9 +639,17 @@ public class SlicerService {
         DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
         dbf.setNamespaceAware(true);
         dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
-        setFeatureIfSupported(dbf, "http://apache.org/xml/features/disallow-doctype-decl", true);
+        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
-        setFeatureIfSupported(dbf, "http://xml.org/sax/features/external-general-entities", false);
+        try {
-        setFeatureIfSupported(dbf, "http://xml.org/sax/features/external-parameter-entities", false);
+            dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
+        } catch (Exception ignored) {
+            // Best-effort hardening.
+        }
+        try {
+            dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+        } catch (Exception ignored) {
+            // Best-effort hardening.
+        }
         dbf.setXIncludeAware(false);
         dbf.setExpandEntityReferences(false);
 
@@ -650,14 +658,6 @@ public class SlicerService {
         }
     }
 
-    private void setFeatureIfSupported(DocumentBuilderFactory dbf, String feature, boolean enabled) {
-        try {
-            dbf.setFeature(feature, enabled);
-        } catch (Exception ignored) {
-            // Best-effort hardening.
-        }
-    }
-
     private String normalizeZipPath(String rawPath) throws IOException {
         if (rawPath == null || rawPath.isBlank()) {
             throw new IOException("Invalid empty 3MF model path");