thr3ads.net - Rails - Is YAML.load secure within a controller? [Mar 2007]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Yottameter

2007-Mar-27 00:19 UTC

Is YAML.load secure within a controller?

I''m using a YAML load in the following manner inside of a controller:

          myObject=YAML.load(request.raw_post)

Are there any security concerns with this method?

Thanks in advance!


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Rails - Mar 2007 - Is YAML.load secure within a controller?

Is YAML.load secure within a controller?