Permalink
Browse files

Test Bad YAML

  • Loading branch information...
1 parent 2bad650 commit d9c86299118b4a1db9f646018169c1c45fd065df @joshbohde joshbohde committed Jun 8, 2012
Showing with 13 additions and 0 deletions.
  1. +13 −0 tests/core/tests/serializers.py
View
13 tests/core/tests/serializers.py
@@ -1,5 +1,6 @@
# -*- coding: utf-8 -*-
import datetime
+import yaml
from decimal import Decimal
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured
@@ -15,6 +16,10 @@
biplist = None
+class UnsafeObject(object):
+ pass
+
+
class NoteResource(ModelResource):
class Meta:
resource_name = 'notes'
@@ -238,6 +243,14 @@ def test_round_trip_yaml(self):
unserialized = serializer.from_yaml(serialized)
self.assertEqual(sample_data, unserialized)
+ def test_unsafe_yaml(self):
+ serializer = Serializer()
+ evil_data = UnsafeObject()
+ serialized = yaml.dump(evil_data)
+ self.assertRaises(yaml.constructor.ConstructorError,
+ serializer.from_yaml,
+ serialized)
+
def test_to_jsonp(self):
serializer = Serializer()

0 comments on commit d9c8629

Please sign in to comment.