klas/t6_mem0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Fix] Enhanced security for OpenAPI and JSON Loader Integration (#1122)

Browse Source
This commit is contained in:
YusukeJustinNakajima
2024-01-08 14:37:03 +09:00
committed by GitHub
parent 1878f8d4fc
commit f7696d1dc1
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
embedchain/loaders/json.py
View File

@@ -35,7 +35,7 @@ class JSONReader:
return ["\n".join(useful_lines)]
VALID_URL_PATTERN = "^https:\/\/[0-9A-z.]+.[0-9A-z.]+.[a-z]+\/.*\.json$"
VALID_URL_PATTERN = "^https:\/\/[0-9A-Za-z]+(\.[0-9A-Za-z]+)*\/[0-9A-Za-z_\/]*\.json$"
class JSONLoader(BaseLoader):

2
embedchain/loaders/openapi.py
View File

@@ -32,7 +32,7 @@ class OpenAPILoader(BaseLoader):
file_path = content
data_content = []
with OpenAPILoader._get_file_content(content=content) as file:
yaml_data = yaml.load(file, Loader=yaml.Loader)
yaml_data = yaml.load(file, Loader=yaml.SafeLoader)
for i, (key, value) in enumerate(yaml_data.items()):
string_data = f"{key}: {value}"
meta_data = {"url": file_path, "row": i + 1}