Remove _clean_data_struct() advice as that was a 1.x design

data now goes through this extra cleaning in the template rather than being an explicit other step.
2017-01-11 11:43:56 -08:00 · 2017-01-11 11:43:56 -08:00 · 027b126b42
commit 027b126b42
parent 36c79709a4
1 changed files with 1 additions and 4 deletions
--- a/lib/ansible/template/safe_eval.py
+++ b/lib/ansible/template/safe_eval.py
@ -32,10 +32,7 @@ def safe_eval(expr, locals={}, include_exceptions=False):
    with_items: a_list_variable

    Where Jinja2 would return a string but we do not want to allow it to
-    call functions (outside of Jinja2, where the env is constrained). If
-    the input data to this function came from an untrusted (remote) source,
-    it should first be run through _clean_data_struct() to ensure the data
-    is further sanitized prior to evaluation.
+    call functions (outside of Jinja2, where the env is constrained).

    Based on:
    http://stackoverflow.com/questions/12523516/using-ast-and-whitelists-to-make-pythons-eval-safe