Permalink
Browse files

Merge pull request #1 from PiPeep/patch-1

Using yaml.load is Dangerous for Untrusted Input
  • Loading branch information...
2 parents da87d46 + 7e55764 commit 4624f291784b9c2cfed1956bac834a89fd683e08 @ptarjan committed May 1, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 main.py
View
@@ -41,7 +41,7 @@
def getOutput(y, type) :
try :
- objects = yaml.load(y)
+ objects = yaml.safe_load(y)
if type == "python" :
return pprint.pformat(objects)
elif type == "canonical_yaml" :

0 comments on commit 4624f29

Please sign in to comment.