jekyll · parkr · Dec 8, 2013 · Oct 23, 2013 · Oct 25, 2013 · Oct 25, 2013
diff --git a/bin/jekyll b/bin/jekyll
@@ -41,6 +41,7 @@ def add_build_options(c)
   c.option '--lsi', 'Use LSI for improved related posts'
   c.option '-D', '--drafts', 'Render posts in the _drafts folder'
   c.option '-V', '--verbose', 'Print verbose output.'
+  c.option '-W', '--whitelist', 'Gem plugin whitelist'
 end
 
 command :default do |c|

diff --git a/lib/jekyll/site.rb b/lib/jekyll/site.rb
@@ -77,11 +77,10 @@ def setup
               require f
             end
         end
-        self.gems.each do |gem|
-          require gem
-        end
       end
 
+      require_gems
+
       self.converters = instantiate_subclasses(Jekyll::Converter)
       self.generators = instantiate_subclasses(Jekyll::Generator)
     end
@@ -97,6 +96,22 @@ def ensure_not_in_dest
       end
     end
 
+    def require_gems
+      self.gems.each do |gem|
+        if whitelist.include?(gem) || !self.safe
+          require gem
+        end
+      end
+    end
+
+    def whitelist
+      @whitelist ||= begin
+        YAML.safe_load_file(self.config['whitelist']) || []
+      rescue
+        []
+      end
+    end
+
     # Internal: Setup the plugin search path
     #
     # Returns an Array of plugin search paths