These properties enable entity expansion, and restrict any external entity (for
example, URL) when included as a part of XML DOCTYPE reference. DTD is basically an XML schema.
If you are looking for a solution for entity declarations that could have potential for XXE
(external entity), enable an inclusion listed defense against XXE using system
properties.