use of org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist in project engine by craftercms.
the class SiteContextFactory method configureScriptSandbox.
protected void configureScriptSandbox(SiteContext siteContext, ResourceLoader resourceLoader) {
try {
// Enable both hardcoded & configurable blacklists
if (enableScriptSandbox && enableSandboxBlacklist) {
Resource sandboxBlacklist = resourceLoader.getResource(this.sandboxBlacklist);
try (InputStream is = sandboxBlacklist.getInputStream()) {
Blacklist blacklist = new Blacklist(new InputStreamReader(is));
siteContext.scriptSandbox = new SandboxInterceptor(blacklist, singletonList(Dom4jExtension.class));
}
// Enable only the hardcoded blacklist
} else if (enableScriptSandbox) {
Whitelist whitelist = new PermitAllWhitelist();
siteContext.scriptSandbox = new SandboxInterceptor(whitelist, singletonList(Dom4jExtension.class));
}
} catch (IOException e) {
throw new SiteContextCreationException("Unable to load sandbox blacklist for site '" + siteContext.getSiteName() + "'", e);
}
}
Aggregations