official pay call back xxe

app/Http/Controllers/Wap/Pay/OrdersController.php

@@ -732,7 +732,7 @@ class OrdersController extends Controller
      */
     function wcback_official(Request $request)
     {
-        libxml_disable_entity_loader(true);
+        //libxml_disable_entity_loader(true);
         $xml = XML::parse(strval($request->getContent()));
         Log::info('xml is');
         Log::info($xml);