Use safe_load
function to load YAML
In our use case, we are *not* reading arbitrary input that could be malicious. Still, because we know that what we're reading is made up of only dictionaries and lists and not arbitrary Python objects, we might as well use the more restrictive `safe_load` function rather than the `load` function.
This commit is contained in:
parent
dcc3a1947a
commit
4381c4cabb
1 changed files with 1 additions and 1 deletions
|
@ -8,7 +8,7 @@ class ConfigReader(object):
|
|||
def _read(self, config_file_path):
|
||||
try:
|
||||
with open(config_file_path) as fin:
|
||||
data = yaml.load(fin)
|
||||
data = yaml.safe_load(fin)
|
||||
return data
|
||||
except Exception as e:
|
||||
msg = string.indent_lines(str(e))
|
||||
|
|
Loading…
Reference in a new issue