Sha256: f267da7689f83fc5bd0fb0ff65502d648d2d38c3486ac2ea97da7c7925ec713d
Contents?: true
Size: 1.62 KB
Versions: 1
Compression:
Stored size: 1.62 KB
Contents
module SafeYAML
class Whitelist
attr_reader :allowed
def initialize
reset!
end
def check(tag, value)
@allowed.each do |ok, checker|
if ok === tag
check = check_value(ok, checker, value)
return check if check
end
end
nil
end
def check_value(tag, checker, value)
if checker == true
return :cacheable
end
if @cached[tag][value]
return :cacheable
end
result = checker.call(value)
if result == :cacheable
@cached[tag][value] = true
return :cacheable
elsif result
return :allowed
else
return nil
end
end
def reset!
@allowed = {}
@cached = {}
if SafeYAML::YAML_ENGINE == "psych"
# psych doesn't tag the default types, except for binary
add("!binary",
"tag:yaml.org,2002:binary")
else
add("tag:yaml.org,2002:str",
"tag:yaml.org,2002:int",
"tag:yaml.org,2002:float",
"tag:yaml.org,2002:binary",
"tag:yaml.org,2002:merge",
"tag:yaml.org,2002:null",
%r{^tag:yaml.org,2002:bool#},
%r{^tag:yaml.org,2002:float#},
%r{^tag:yaml.org,2002:timestamp#},
"tag:ruby.yaml.org,2002:object:YAML::Syck::BadAlias")
end
end
def add(*tags, &block)
tags.each do |tag|
@cached[tag] = {} if block
@allowed[tag] = block || true
end
end
def remove(*tags)
tags.each do |tag|
@cached.delete(tag)
@allowed.delete(tag)
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| safe_yaml-instructure-0.8.0 | lib/safe_yaml/whitelist.rb |