Open vemv opened 2 months ago
I'd need to be able to run code such as this one, namely that uses arbitrary classes.
(malli/coerce [:fn '(fn url? [s] (try (java.net.URL. url) true (catch MalformedURLException _ false)))] "http:")
...This is safe for my use case, as I'm using SCI for serializable functions - not for evaluating user input.
The code above won't run since no classes are whitelisted by default.
Allow to specify {:classes {:allow :all}} as documented in:
{:classes {:allow :all}}
https://github.com/babashka/sci/blob/bf6a0f1e00313a902c62c59e440266612725b926/README.md#classes
...perhaps this is possible already, but there wasn't documentation for this aspect. Code wasn't immediately clear to me.
Thanks - V
Context
I'd need to be able to run code such as this one, namely that uses arbitrary classes.
...This is safe for my use case, as I'm using SCI for serializable functions - not for evaluating user input.
Problem statement
The code above won't run since no classes are whitelisted by default.
Suggested solution
Allow to specify
{:classes {:allow :all}}as documented in:https://github.com/babashka/sci/blob/bf6a0f1e00313a902c62c59e440266612725b926/README.md#classes
...perhaps this is possible already, but there wasn't documentation for this aspect. Code wasn't immediately clear to me.
Thanks - V