update to clojure 1.5.1 and fix read-string vulnerability

ddellacosta · Mar 12, 2013 · 9e3a4e2 · 9e3a4e2
1 parent b2ccd51
commit 9e3a4e2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/project.clj b/project.clj
@@ -1,4 +1,4 @@
-(defproject fetch "0.1.0-alpha2"
+(defproject fetch "0.1.0-alpha3"
   :description "A ClojureScript and Noir library to make client-server interaction painless."
-  :dependencies [[clojure "1.3.0"]
+  :dependencies [[org.clojure/clojure "1.5.1"]
                  [noir "1.2.2"]])
diff --git a/src/noir/fetch/remotes.clj b/src/noir/fetch/remotes.clj
@@ -1,4 +1,5 @@
 (ns noir.fetch.remotes
+  (:require [clojure.edn :as edn])
   (:use [noir.core :only [defpage]]))
 
 (def remotes (atom {}))
@@ -10,8 +11,7 @@
   (swap! remotes assoc remote func))
 
 (defn safe-read [s]
-  (binding [*read-eval* false]
-    (read-string s)))
+  (edn/read-string s))
 
 (defmacro defremote [remote params & body]
   `(do