Sha256: f267da7689f83fc5bd0fb0ff65502d648d2d38c3486ac2ea97da7c7925ec713d
Contents?: true
Size: 1.62 KB
Versions: 1
Compression:
Stored size: 1.62 KB
Contents
module SafeYAML class Whitelist attr_reader :allowed def initialize reset! end def check(tag, value) @allowed.each do |ok, checker| if ok === tag check = check_value(ok, checker, value) return check if check end end nil end def check_value(tag, checker, value) if checker == true return :cacheable end if @cached[tag][value] return :cacheable end result = checker.call(value) if result == :cacheable @cached[tag][value] = true return :cacheable elsif result return :allowed else return nil end end def reset! @allowed = {} @cached = {} if SafeYAML::YAML_ENGINE == "psych" # psych doesn't tag the default types, except for binary add("!binary", "tag:yaml.org,2002:binary") else add("tag:yaml.org,2002:str", "tag:yaml.org,2002:int", "tag:yaml.org,2002:float", "tag:yaml.org,2002:binary", "tag:yaml.org,2002:merge", "tag:yaml.org,2002:null", %r{^tag:yaml.org,2002:bool#}, %r{^tag:yaml.org,2002:float#}, %r{^tag:yaml.org,2002:timestamp#}, "tag:ruby.yaml.org,2002:object:YAML::Syck::BadAlias") end end def add(*tags, &block) tags.each do |tag| @cached[tag] = {} if block @allowed[tag] = block || true end end def remove(*tags) tags.each do |tag| @cached.delete(tag) @allowed.delete(tag) end end end end
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
safe_yaml-instructure-0.8.0 | lib/safe_yaml/whitelist.rb |