mirror of
https://github.com/olivierkes/manuskript.git
synced 2024-05-19 20:32:28 +12:00
Merge pull request #895 from zeth/bug-891
Kill old insecure pickle setting files (untested)
This commit is contained in:
commit
23ead413c1
|
@ -168,10 +168,13 @@ def loadProject(project):
|
||||||
else:
|
else:
|
||||||
errors.append("outline.xml")
|
errors.append("outline.xml")
|
||||||
|
|
||||||
if "settings.pickle" in files:
|
if "settings.txt" in files:
|
||||||
settings.load(files["settings.pickle"], fromString=True)
|
settings.load(files["settings.txt"], fromString=True, protocol=0)
|
||||||
else:
|
else:
|
||||||
errors.append("settings.pickle")
|
errors.append("settings.txt")
|
||||||
|
|
||||||
|
if "settings.pickle" in files:
|
||||||
|
LOGGER.info("Pickle settings files are no longer supported for security reasons. You can delete it from your data.")
|
||||||
|
|
||||||
return errors
|
return errors
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,6 @@
|
||||||
|
|
||||||
import collections
|
import collections
|
||||||
import json
|
import json
|
||||||
import pickle
|
|
||||||
|
|
||||||
from PyQt5.QtWidgets import qApp
|
from PyQt5.QtWidgets import qApp
|
||||||
|
|
||||||
|
@ -166,37 +165,21 @@ def save(filename=None, protocol=None):
|
||||||
#print("Saving:")
|
#print("Saving:")
|
||||||
#pp.pprint(allSettings)
|
#pp.pprint(allSettings)
|
||||||
|
|
||||||
if filename:
|
# This looks stupid
|
||||||
f = open(filename, "wb")
|
# But a simple json.dumps with sort_keys will throw a TypeError
|
||||||
pickle.dump(allSettings, f)
|
# because of unorderable types.
|
||||||
else:
|
return json.dumps(json.loads(json.dumps(allSettings)), indent=4, sort_keys=True)
|
||||||
if protocol == 0:
|
|
||||||
# This looks stupid
|
|
||||||
# But a simple json.dumps with sort_keys will throw a TypeError
|
|
||||||
# because of unorderable types.
|
|
||||||
return json.dumps(json.loads(json.dumps(allSettings)), indent=4, sort_keys=True)
|
|
||||||
else:
|
|
||||||
return pickle.dumps(allSettings)
|
|
||||||
|
|
||||||
|
|
||||||
def load(string, fromString=False, protocol=None):
|
def load(string, fromString=False, protocol=None):
|
||||||
"""Load settings from 'string'. 'string' is the filename of the pickle dump.
|
"""fromString=True is deprecated, it shouldn't be used."""
|
||||||
If fromString=True, string is the data of the pickle dumps."""
|
|
||||||
global allSettings
|
global allSettings
|
||||||
|
|
||||||
if not fromString:
|
if not string:
|
||||||
try:
|
LOGGER.error("Cannot load settings.")
|
||||||
f = open(string, "rb")
|
return
|
||||||
allSettings = pickle.load(f)
|
|
||||||
|
|
||||||
except:
|
allSettings = json.loads(string)
|
||||||
LOGGER.error("Cannot load settings, {} does not exist.".format(string))
|
|
||||||
return
|
|
||||||
else:
|
|
||||||
if protocol == 0:
|
|
||||||
allSettings = json.loads(string)
|
|
||||||
else:
|
|
||||||
allSettings = pickle.loads(string)
|
|
||||||
|
|
||||||
#pp=pprint.PrettyPrinter(indent=4, compact=False)
|
#pp=pprint.PrettyPrinter(indent=4, compact=False)
|
||||||
#print("Loading:")
|
#print("Loading:")
|
||||||
|
|
Loading…
Reference in a new issue