我有一个yaml文件,用于存储通过oauth gem验证返回的OAuth::AccessToken值。我读了这个文件,每次都保存自己的身份验证。
:access_token: !ruby/object:OAuth::AccessToken
token: 0fXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
secret: eXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
consumer: !ruby/object:OAuth::Consumer
key: 2aXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
secret: 181XXXXXXXXXXXXXXXXXXXXX
options:
:signature_method: HMAC-SHA1
:request_token_path: /oauth/request_token/
:authorize_path: /oauth/authorize
:access_token_path: /oauth/access_token/
:proxy:
:scheme: :header
:http_method: :get
:oauth_version: '1.0'
:site: http://api.mendeley.com
http_method: :get
http: !ruby/object:Net::HTTP
address: api.mendeley.com
port: 80
curr_http_version: '1.1'
no_keepalive_server: false
close_on_empty_response: false
socket:
started: false
open_timeout: 30
read_timeout: 30
continue_timeout:
debug_output:
use_ssl: false
ssl_context:
enable_post_connection_check: true
compression:
sspi_enabled: false
ssl_version:
key:
cert:
ca_file: /etc/ssl/certs/ca-certificates.crt
ca_path:
cert_store:
ciphers:
verify_mode: 1
verify_callback:
verify_depth: 5
ssl_timeout:
params:
:oauth_token: 0fXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
oauth_token: 0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
:oauth_token_secret: efXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
oauth_token_secret: eXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
当我使用yaml gem阅读此文件时,一切正常。但是我正在使用Jekyll并且必须使用safe_yaml gem阅读此内容,即使yaml看起来正确地决定了该类,当我这样做时:
auth_contents = YAML::load(File.open("auth.yaml"))
$access_token = auth_contents[":access_token"]
我将$access_token作为哈希值返回;类声明丢失了。这意味着我当然不能应用$access_token.get等方法。我该如何解决这个问题?有没有办法说服红宝石认出正确的课程?
答案 0 :(得分:2)
首先:确保您确实要加载课程。在我看来,你控制YAML文件,但如果由于某种原因从你不信任的地方加载,你可能想手动反序列化哈希。
也就是说,safe_yaml可以whitelist trusted types:
SafeYAML.whitelist!(OAuth::AccessToken, OAuth::Consumer, Net::HTTP)