|
|
|
|
|
|
by sferik
4905 days ago
|
|
|
That's correct. But I'm planning to remove this functionality anyway, just to be safe. It's too easy to accidentally open this vulnerability and it's unclear what the valid use-case is for parsing YAML or symbols from XML. When I implemented this functionality, it was only to be compatible with the Rails parser. |
|
|