archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove _clean_data_struct() advice as that was a 1.x design

Browse Source 
data now goes through this extra cleaning in the template rather than
being an explicit other step.
pull/20159/head
Toshio Kuratomi 9 years ago
parent 36c79709a4
commit 027b126b42
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File

5
lib/ansible/template/safe_eval.py
Unescape Escape View File

@ -32,10 +32,7 @@ def safe_eval(expr, locals={}, include_exceptions=False):
with_items: a_list_variable with_items: a_list_variable
Where Jinja2 would return a string but we do not want to allow it to Where Jinja2 would return a string but we do not want to allow it to
call functions (outside of Jinja2, where the env is constrained). If call functions (outside of Jinja2, where the env is constrained).
the input data to this function came from an untrusted (remote) source,
it should first be run through _clean_data_struct() to ensure the data
is further sanitized prior to evaluation.
Based on: Based on:
http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe

Write Preview
Loading…
Cancel
Save