Merge pull request #1 from PiPeep/patch-1

Using yaml.load is Dangerous for Untrusted Input
ptarjan · May 1, 2012 · 4624f29 · 4624f29
2 parents da87d46 + 7e55764
commit 4624f29
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/main.py b/main.py
@@ -41,7 +41,7 @@
 
 def getOutput(y, type) :
     try :
-        objects = yaml.load(y)
+        objects = yaml.safe_load(y)
         if type == "python" :
             return pprint.pformat(objects)
         elif type == "canonical_yaml" :