ospc-org / ospc.org

Source code for PolicyBrain, ospc.org, and related assets.
MIT License
24 stars 32 forks source link

In Python 3, '01' causes a syntax error when evaled via ast.literal_eval #926

Closed hdoupe closed 6 years ago

hdoupe commented 6 years ago

ast.literal_eval throws a syntax error in Python 3 when passed a string like "01". In Python 2, ast.literal_eval parses this string to 1. The behavior has been changed to return the original, unparsed value if an exception is thrown. Errors such as this should be caught by the initial input validation logic. The only reason that this occurred is that bad data got through the initial form validation.

Note that there was a bug where the wrong variable was returned and a NameError was thrown. This has been fixed.

While working on the issue above, I noticed that the input value validation logic needed some serious work. I spent some time trying to get the pyparser library to work as expected, but I was unsuccessful. Thus, I wrote an is_safe function that tests:

Also, this resolves #924

hdoupe commented 6 years ago

Thanks for the review @lucassz.