tests: Explicitly wrap an XML call in libxml_disable_entity_loader()
As per https://www.php.net/manual/en/function.libxml-disable-entity-loader.php
this is technically unnecessary.
However, as of libxml 2.9.0 entity substitution is disabled by default,
so there is no need to disable the loading of external entities.
Since the release of libxml 2.9.0 in 2012 external entity loading is
disabled in libxml by default. This means that using
libxml_disable_entity_loader() is no longer needed.
Hopefully helps prevent false positive reports from security scanning tools.