1
0
Fork 0
mirror of https://github.com/jnunemaker/httparty synced 2023-03-27 23:23:07 -04:00

Remove yaml due to possible security risk.

This commit is contained in:
John Nunemaker 2013-01-10 15:45:09 -05:00
parent a936eaab93
commit 53a812426d
6 changed files with 7 additions and 25 deletions

View file

@ -1,3 +1,7 @@
== 0.10.0 2013-01-10
* changes
* removed yaml support because of security risk (see rails yaml issues)
== 0.9.0 2012-09-07 == 0.9.0 2012-09-07
* new * new
* [support for connection adapters](https://github.com/jnunemaker/httparty/pull/157) * [support for connection adapters](https://github.com/jnunemaker/httparty/pull/157)

View file

@ -1,7 +1,7 @@
class ParseAtom class ParseAtom
include HTTParty include HTTParty
# Support Atom along with the default parsers: xml, json, yaml, etc. # Support Atom along with the default parsers: xml, json, etc.
class Parser::Atom < HTTParty::Parser class Parser::Atom < HTTParty::Parser
SupportedFormats.merge!({"application/atom+xml" => :atom}) SupportedFormats.merge!({"application/atom+xml" => :atom})

View file

@ -1,5 +1,5 @@
module HTTParty module HTTParty
# The default parser used by HTTParty, supports xml, json, html, yaml, and # The default parser used by HTTParty, supports xml, json, html, and
# plain text. # plain text.
# #
# == Custom Parsers # == Custom Parsers
@ -45,8 +45,6 @@ module HTTParty
'application/javascript' => :json, 'application/javascript' => :json,
'text/javascript' => :json, 'text/javascript' => :json,
'text/html' => :html, 'text/html' => :html,
'application/x-yaml' => :yaml,
'text/yaml' => :yaml,
'text/plain' => :plain 'text/plain' => :plain
} }
@ -120,10 +118,6 @@ module HTTParty
end end
end end
def yaml
YAML.load(body)
end
def html def html
body body
end end

View file

@ -155,11 +155,6 @@ describe HTTParty::Parser do
subject.send(:json) subject.send(:json)
end end
it "parses yaml" do
YAML.should_receive(:load).with('body')
subject.send(:yaml)
end
it "parses html by simply returning the body" do it "parses html by simply returning the body" do
subject.send(:html).should == 'body' subject.send(:html).should == 'body'
end end

View file

@ -225,12 +225,6 @@ describe HTTParty::Request do
@request.send(:parse_response, json).should == {'books' => {'book' => {'id' => '1234', 'name' => 'Foo Bar!'}}} @request.send(:parse_response, json).should == {'books' => {'book' => {'id' => '1234', 'name' => 'Foo Bar!'}}}
end end
it 'should handle yaml automatically' do
yaml = "books: \n book: \n name: Foo Bar!\n id: \"1234\"\n"
@request.options[:format] = :yaml
@request.send(:parse_response, yaml).should == {'books' => {'book' => {'id' => '1234', 'name' => 'Foo Bar!'}}}
end
it "should include any HTTP headers in the returned response" do it "should include any HTTP headers in the returned response" do
@request.options[:format] = :html @request.options[:format] = :html
response = stub_response "Content" response = stub_response "Content"

View file

@ -384,11 +384,6 @@ describe HTTParty do
@klass.default_options[:format].should == :json @klass.default_options[:format].should == :json
end end
it "should allow yaml" do
@klass.format :yaml
@klass.default_options[:format].should == :yaml
end
it "should allow plain" do it "should allow plain" do
@klass.format :plain @klass.format :plain
@klass.default_options[:format].should == :plain @klass.default_options[:format].should == :plain
@ -403,7 +398,7 @@ describe HTTParty do
it 'should only print each format once with an exception' do it 'should only print each format once with an exception' do
lambda do lambda do
@klass.format :foobar @klass.format :foobar
end.should raise_error(HTTParty::UnsupportedFormat, "':foobar' Must be one of: html, json, plain, xml, yaml") end.should raise_error(HTTParty::UnsupportedFormat, "':foobar' Must be one of: html, json, plain, xml")
end end
it 'sets the default parser' do it 'sets the default parser' do