mirror of
https://github.com/Fishwaldo/huginn.git
synced 2025-03-15 19:31:26 +00:00
add ALLOW_JSONPATH_EVAL option to .env
This commit is contained in:
parent
c39d4cc975
commit
13038ce841
2 changed files with 10 additions and 2 deletions
|
@ -78,6 +78,14 @@ AWS_ACCESS_KEY="your aws access key"
|
|||
# Set AWS_SANDBOX to true if you're developing Huginn code.
|
||||
AWS_SANDBOX=false
|
||||
|
||||
########################
|
||||
# Various Settings #
|
||||
########################
|
||||
|
||||
# Allow JSONPath eval expresions. i.e., $..price[?(@ < 20)]
|
||||
# You should not allow this on a shared Huginn box because it is not secure.
|
||||
ALLOW_JSONPATH_EVAL=false
|
||||
|
||||
# Use Graphviz for generating diagrams instead of using Google Chart
|
||||
# Tools. Specify a dot(1) command path built with SVG support
|
||||
# enabled.
|
||||
|
|
|
@ -56,7 +56,7 @@ module Utils
|
|||
escape = false
|
||||
end
|
||||
|
||||
result = JsonPath.new(path, :allow_eval => false).on(data.is_a?(String) ? data : data.to_json)
|
||||
result = JsonPath.new(path, :allow_eval => ENV['ALLOW_JSONPATH_EVAL'] == "true").on(data.is_a?(String) ? data : data.to_json)
|
||||
if escape
|
||||
result.map {|r| CGI::escape r }
|
||||
else
|
||||
|
@ -79,4 +79,4 @@ module Utils
|
|||
def self.pretty_jsonify(thing)
|
||||
JSON.pretty_generate(thing).gsub('</', '<\/')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Add table
Reference in a new issue