Package web :: Package web :: Module template :: Class SafeVisitor

Class SafeVisitor

object --+
         |
        SafeVisitor


Make sure code is safe by walking through the AST.

Code considered unsafe if:
    * it has restricted AST nodes
    * it is trying to access resricted attributes   
    
Adopted from http://www.zafar.se/bkz/uploads/safe.txt (public domain, Babar K. Zafar)

Instance Methods

[hide private]

__init__(self)
Initialize visitor by generating callbacks for all AST node types.

source code

walk(self, ast, filename)
Validate each node in AST and raise SecurityError if the code is not safe.

source code

visit(self, node, *args)
Recursively validate node and all of its children.

source code

visitName(self, node, *args)
Disallow any attempts to access a restricted attr.

source code

visitGetattr(self, node, *args)
Disallow any attempts to access a restricted attribute.

source code

assert_attr(self, attrname, node)

source code

is_unallowed_attr(self, name)

source code

get_node_lineno(self, node)

source code

fail(self, node, *args)
Default callback for unallowed AST nodes.

source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Properties

[hide private]

Inherited from object: __class__

Method Details

[hide private]

init(self)
(Constructor)

source code

Initialize visitor by generating callbacks for all AST node types.

Overrides: object.__init__

Class SafeVisitor

__init__(self) (Constructor)

init(self)
(Constructor)