module Psych

def self.safe_load yaml, whitelist_classes = [], whitelist_symbols = [], aliases = false, filename = nil

but the +aliases+ parameter is set to false.
A Psych::BadAlias exception will be raised if the yaml contains aliases

class that isn't in the whitelist.
A Psych::DisallowedClass exception will be raised if the yaml contains a

Psych.safe_load yaml, [], [], true # => loads the aliases
Psych.safe_load yaml # => raises an exception
yaml = Psych.dump x
x << x
x = []

For example:
Aliases can be explicitly allowed by changing the +aliases+ parameter.

Now the Date class can be loaded in addition to the classes listed above.

Psych.safe_load(yaml, [Date])

additive. For example, to allow Date deserialization:
can be allowed by adding those classes to the +whitelist+. They are
Recursive data structures are not allowed by default. Arbitrary classes

* Hash
* Array
* String
* Numeric
* NilClass
* FalseClass
* TrueClass

classes are allowed to be deserialized:
Safely load the yaml string in +yaml+. By default, only the following
##

def self.safe_load yaml, whitelist_classes = [], whitelist_symbols = [], aliases = false, filename = nil
  result = parse(yaml, filename)
  return unless result
  class_loader = ClassLoader::Restricted.new(whitelist_classes.map(&:to_s),
                                             whitelist_symbols.map(&:to_s))
  scanner      = ScalarScanner.new class_loader
  if aliases
    visitor = Visitors::ToRuby.new scanner, class_loader
  else
    visitor = Visitors::NoAliasRuby.new scanner, class_loader
  end
  visitor.accept result
end

Modules

Classes

module Psych

def self.safe_load yaml, whitelist_classes = [], whitelist_symbols = [], aliases = false, filename = nil

Class Methods