Fellow earthicans, I'm trying the ExtJS Javascript framework in a workflow-style Pylons project. And that means passing a lot of JSON data around. There is a certain cross-site vulnerability problem when sending JSON arrays (versus JSON dictionaries or scalars). But without working around it on the ExtJS side I will have to use arrays. So I tried to be smart and ignore the warning from the @jsonify decorator (which is flooding my logs):
22:53:51,387 WARNI [pylons.decorators] JSON responses with Array envelopes are susceptible to cross-site data leak attacks, see http://pylonshq.com/warnings/JSONArray Unfortunately I wasn't very lucky. I tried to use: import warnings warnings.filterwarnings('ignore', 'JSON responses with Array envelopes') in several places like lib/base.py or config/environment.py but the warning always still appeared. Where would I put that code to be successful? I know it's close to trivial to just copy the @jsonify decorator function and removing that line. I'm more interested in how to suppress the warnings. Any ideas? Cheers Christoph -- A guess is just a guess until you turn it into a pie chart. Then it's an analysis. (Scott Adams)
signature.asc
Description: This is a digitally signed message part.