New submission from Behdad Esfahbod:

The documentation says:

"""
Safely evaluate an expression node or a string containing a Python expression. 
The string or node provided may only consist of the following Python literal 
structures: strings, bytes, numbers, tuples, lists, dicts, sets, booleans, and 
None.

This can be used for safely evaluating strings containing Python expressions 
from untrusted sources without the need to parse the values oneself.
"""

This makes me believe that this is a useful replacement for eval() that is 
safe.  However, it fails to make it clear that it parses **one literal**, NOT 
an expression.  I.e. it can't handle "2*2".  Weirdly enough, at least with my 
Python 3.2.3, it does handle "2+2" with no problem.

This seriously limits the usefulness of this function.  Is there really no 
equivalent that parses simple expressions of literals?

----------
messages: 227941
nosy: Behdad.Esfahbod
priority: normal
severity: normal
status: open
title: ast.literal_eval() doesn't do what the documentation says

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue22525>
_______________________________________