37 lines
1.4 KiB
Diff
37 lines
1.4 KiB
Diff
From 419d7fd6e5a9ed2d356ad05eef1043309f5646ef Mon Sep 17 00:00:00 2001
|
|
From: Michal Polovka <mpolovka@redhat.com>
|
|
Date: Fri, 7 Jan 2022 12:12:26 +0100
|
|
Subject: [PATCH] ipatests: webui: Use safe-loader for loading YAML
|
|
configuration file
|
|
|
|
FullLoader class for YAML loader was introduced in version 5.1 which
|
|
also deprecated default loader. SafeLoader, however, stays consistent
|
|
across the versions and brings added security.
|
|
|
|
This fix is necessary as PyYAML > 5.1 is not available in downstream.
|
|
|
|
Related: https://pagure.io/freeipa/issue/9009
|
|
|
|
Signed-off-by: Michal Polovka <mpolovka@redhat.com>
|
|
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
|
|
---
|
|
ipatests/test_webui/ui_driver.py | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/ipatests/test_webui/ui_driver.py b/ipatests/test_webui/ui_driver.py
|
|
index 77fd74e49593183a37fe735bedf2e0d6b9257ac7..519efee9bba3de2114d22865a08df87f9b5f348a 100644
|
|
--- a/ipatests/test_webui/ui_driver.py
|
|
+++ b/ipatests/test_webui/ui_driver.py
|
|
@@ -192,7 +192,7 @@ class UI_driver:
|
|
if not NO_YAML and os.path.isfile(path):
|
|
try:
|
|
with open(path, 'r') as conf:
|
|
- cls.config = yaml.load(stream=conf, Loader=yaml.FullLoader)
|
|
+ cls.config = yaml.safe_load(stream=conf)
|
|
except yaml.YAMLError as e:
|
|
pytest.skip("Invalid Web UI config.\n%s" % e)
|
|
except IOError as e:
|
|
--
|
|
2.34.1
|
|
|