mirror of
https://github.com/Fishwaldo/huginn.git
synced 2025-03-15 19:31:26 +00:00
Merge pull request #2017 from Skarlso/eliminated_eval_from_jsonpath
Update JsonPath to latest version.
This commit is contained in:
commit
154c058729
5 changed files with 5 additions and 14 deletions
|
@ -195,10 +195,6 @@ FARADAY_HTTP_BACKEND=typhoeus
|
|||
# by Agents that allow overriding the User-Agent header value.
|
||||
DEFAULT_HTTP_USER_AGENT="Huginn - https://github.com/cantino/huginn"
|
||||
|
||||
# Allow JSONPath eval expresions. i.e., $..price[?(@ < 20)]
|
||||
# You should not allow this on a shared Huginn box because it is not secure.
|
||||
ALLOW_JSONPATH_EVAL=false
|
||||
|
||||
# Enable this setting to allow insecure Agents like the ShellCommandAgent. Only do this
|
||||
# when you trust everyone using your Huginn installation.
|
||||
ENABLE_INSECURE_AGENTS=false
|
||||
|
|
2
Gemfile
2
Gemfile
|
@ -108,7 +108,7 @@ gem 'httmultiparty', '~> 0.3.16'
|
|||
gem 'jquery-rails', '~> 4.2.1'
|
||||
gem 'huginn_agent', '~> 0.4.0'
|
||||
gem 'json', '~> 1.8.1'
|
||||
gem 'jsonpath', '~> 0.7.2'
|
||||
gem 'jsonpath', '~> 0.8.3'
|
||||
gem 'kaminari', github: "amatsuda/kaminari", branch: '0-17-stable', ref: 'abbf93d557208ee1d0b612c612cd079f86ed54f4'
|
||||
gem 'kramdown', '~> 1.3.3'
|
||||
gem 'liquid', '~> 4.0'
|
||||
|
|
|
@ -324,7 +324,7 @@ GEM
|
|||
railties (>= 4.2.0)
|
||||
thor (>= 0.14, < 2.0)
|
||||
json (1.8.6)
|
||||
jsonpath (0.7.2)
|
||||
jsonpath (0.8.3)
|
||||
multi_json
|
||||
jwt (1.4.1)
|
||||
kgio (2.10.0)
|
||||
|
@ -659,7 +659,7 @@ DEPENDENCIES
|
|||
hypdf (~> 1.0.10)
|
||||
jquery-rails (~> 4.2.1)
|
||||
json (~> 1.8.1)
|
||||
jsonpath (~> 0.7.2)
|
||||
jsonpath (~> 0.8.3)
|
||||
kaminari!
|
||||
kramdown (~> 1.3.3)
|
||||
letter_opener_web (~> 1.3.1)
|
||||
|
|
|
@ -87,7 +87,7 @@ module Utils
|
|||
escape = false
|
||||
end
|
||||
|
||||
result = JsonPath.new(path, :allow_eval => ENV['ALLOW_JSONPATH_EVAL'] == "true").on(data.is_a?(String) ? data : data.to_json)
|
||||
result = JsonPath.new(path).on(data.is_a?(String) ? data : data.to_json)
|
||||
if escape
|
||||
result.map {|r| CGI::escape r }
|
||||
else
|
||||
|
|
|
@ -68,17 +68,12 @@ describe Utils do
|
|||
it "returns the value at a JSON path" do
|
||||
expect(Utils.value_at({ :foo => { :bar => :baz }}.to_json, "foo.bar")).to eq("baz")
|
||||
expect(Utils.value_at({ :foo => { :bar => { :bing => 2 } }}, "foo.bar.bing")).to eq(2)
|
||||
expect(Utils.value_at({ :foo => { :bar => { :bing => 2 } }}, "foo.bar[?(@.bing == 2)].bing")).to eq(2)
|
||||
end
|
||||
|
||||
it "returns nil when the path cannot be followed" do
|
||||
expect(Utils.value_at({ :foo => { :bar => :baz }}, "foo.bing")).to be_nil
|
||||
end
|
||||
|
||||
it "does not eval" do
|
||||
expect {
|
||||
Utils.value_at({ :foo => 2 }, "foo[?(@ > 1)]")
|
||||
}.to raise_error(RuntimeError, /Cannot use .*? eval/)
|
||||
end
|
||||
end
|
||||
|
||||
describe "#values_at" do
|
||||
|
|
Loading…
Add table
Reference in a new issue