archive/md-pdf
Archived
1
Fork 0
Code Releases Packages Activity

Kinda fix security issues

Browse source
This commit is contained in:
Jake Howard 2017-03-30 18:34:32 +01:00
parent 036aa754df
commit ccd2f2725c
2 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
md_pdf/config/read.py
View file

@ -7,6 +7,6 @@ from md_pdf.exceptions import ConfigValidationException
def load_config(): def load_config():
try: try:
with open(os.path.join(CONFIG_FILE)) as f: with open(os.path.join(CONFIG_FILE)) as f:
return yaml.load(f) return yaml.safe_load(f)
except FileNotFoundError: except FileNotFoundError:
raise ConfigValidationException("Can't find config file at {}".format(CONFIG_FILE)) raise ConfigValidationException("Can't find config file at {}".format(CONFIG_FILE))

3
md_pdf/csl.py
View file

@ -28,7 +28,7 @@ def download_csl():
_, download_location = tempfile.mkstemp() _, download_location = tempfile.mkstemp()
bar.start() bar.start()
urllib.request.urlretrieve(CSL_DOWNLOAD_LINK, download_location, reporthook=download_handle) urllib.request.urlretrieve(CSL_DOWNLOAD_LINK, download_location, reporthook=download_handle) # nosec
bar.finish() bar.finish()
with open(download_location, 'rb') as downloaded_file: with open(download_location, 'rb') as downloaded_file:
@ -45,3 +45,4 @@ def download_csl():
shutil.copytree(CSL_TEMP_DIR, CSL_DIR) shutil.copytree(CSL_TEMP_DIR, CSL_DIR)
os.remove(download_location) os.remove(download_location)
remove_dir(CSL_TEMP_DIR) remove_dir(CSL_TEMP_DIR)
urllib.request.urlcleanup()