jshiffer/slixmpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only defuse stdlib through an env var

Browse Source 
https://github.com/inducer/relate/issues/905
This commit is contained in:
mathieui 2022-03-18 23:58:37 +01:00
parent abd699593f
commit 41d733e77f
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
slixmpp/__init__.py
View File

@ -4,13 +4,17 @@
# This file is part of Slixmpp. # This file is part of Slixmpp.
# See the file LICENSE for copying permission. # See the file LICENSE for copying permission.
import logging import logging
from os import getenv
logging.getLogger(__name__).addHandler(logging.NullHandler()) logging.getLogger(__name__).addHandler(logging.NullHandler())
# Use defusedxml if available # Use defusedxml if wanted
try: # Since enabling it can have adverse consequences for the programs using
# slixmpp, do not enable it by default.
if getenv('SLIXMPP_ENABLE_DEFUSEDXML', default='false').lower() == 'true':
try:
import defusedxml import defusedxml
defusedxml.defuse_stdlib() defusedxml.defuse_stdlib()
except ImportError: except ImportError:
pass pass
from slixmpp.stanza import Message, Presence, Iq from slixmpp.stanza import Message, Presence, Iq