THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
However, if the receiver starts acting immediately on the attachment's InputStream, for example, the attachment data returned from the service to the client are streamed to a UI display which can activate a script then it is important that a 'bufferPayload' property is enabled on either JwsMultipartContainerRequestFilter or JwsMultipartClientResponseFilter. It will ensure that the data streams are validated first before the application gets an access to them. This property should also be enabled if the multipart payload contains many attachment parts.
Here is an example showing how a Book object (represented as an XML attachment on the wire) can be secured.
...