From 027b126b42ee37c61d721c47dd493677ef936059 Mon Sep 17 00:00:00 2001 From: Toshio Kuratomi Date: Wed, 11 Jan 2017 11:43:56 -0800 Subject: [PATCH] Remove _clean_data_struct() advice as that was a 1.x design data now goes through this extra cleaning in the template rather than being an explicit other step. --- lib/ansible/template/safe_eval.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/ansible/template/safe_eval.py b/lib/ansible/template/safe_eval.py index 76df7ed11e..387dc6a72e 100644 --- a/lib/ansible/template/safe_eval.py +++ b/lib/ansible/template/safe_eval.py @@ -32,10 +32,7 @@ def safe_eval(expr, locals={}, include_exceptions=False): with_items: a_list_variable Where Jinja2 would return a string but we do not want to allow it to - call functions (outside of Jinja2, where the env is constrained). If - the input data to this function came from an untrusted (remote) source, - it should first be run through _clean_data_struct() to ensure the data - is further sanitized prior to evaluation. + call functions (outside of Jinja2, where the env is constrained). Based on: http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe