Resolve fortify defects missed in 13b9701 (#116)

src/Catalog/Helpers/Utils.cs

@@ -133,9 +133,13 @@ private static XDocument SafeXmlTransform(XmlReader reader, XslCompiledTransform
         private static XslCompiledTransform SafeLoadXslTransform(string resourceName)
         {
             var transform = new XslCompiledTransform();
-            
+
             // CodeAnalysis / XmlReader.Create: provide settings instance and set resolver property to null or instance
-            var reader = XmlReader.Create(new StreamReader(GetResourceStream(resourceName)), new XmlReaderSettings());
+            var settings = new XmlReaderSettings
+            {
+                XmlResolver = null
+            };
+            var reader = XmlReader.Create(new StreamReader(GetResourceStream(resourceName)), settings);
 
             // CodeAnalysis / XslCompiledTransform.Load: specify default settings or set resolver property to null or instance
             transform.Load(reader, XsltSettings.Default, stylesheetResolver: null);

tests/NuGet.Services.BasicSearchTests/TestSupport/StartedWebApp.cs

@@ -90,7 +90,11 @@ private static T ReadFromXml<T>(string path)
             using (var stream = new FileStream(path, FileMode.Open, FileAccess.Read))
             {
                 // CodeAnalysis / XmlReader.Create: provide settings instance and set resolver property to null or instance
-                var reader = XmlReader.Create(stream, new XmlReaderSettings());
+                var settings = new XmlReaderSettings()
+                {
+                    XmlResolver = null
+                };
+                var reader = XmlReader.Create(stream, settings);
                 return (T)xmlSerializer.Deserialize(reader);
             }
         }