jshiffer/slixmpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Only defuse stdlib through an env var

Browse Source 
https://github.com/inducer/relate/issues/905
This commit is contained in:
mathieui 2022-03-18 23:58:37 +01:00
parent abd699593f
commit 41d733e77f
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
slixmpp/__init__.py
View File

@ -4,14 +4,18 @@
# This file is part of Slixmpp. # This file is part of Slixmpp.
# See the file LICENSE for copying permission. # See the file LICENSE for copying permission.
import logging import logging
from os import getenv
logging.getLogger(__name__).addHandler(logging.NullHandler()) logging.getLogger(__name__).addHandler(logging.NullHandler())
# Use defusedxml if available # Use defusedxml if wanted
try: # Since enabling it can have adverse consequences for the programs using
import defusedxml # slixmpp, do not enable it by default.
defusedxml.defuse_stdlib() if getenv('SLIXMPP_ENABLE_DEFUSEDXML', default='false').lower() == 'true':
except ImportError: try:
pass import defusedxml
defusedxml.defuse_stdlib()
except ImportError:
pass
from slixmpp.stanza import Message, Presence, Iq from slixmpp.stanza import Message, Presence, Iq
from slixmpp.jid import JID, InvalidJID from slixmpp.jid import JID, InvalidJID