converting string to dict ?
Fredrik Lundh
fredrik at pythonware.com
Wed Apr 11 06:44:04 EDT 2001
Jason Cunliffe wrote:
> A web input form passes {'name':'Cleopatra'} as a string.
>
> Please, is there a nice clean function to convert this string to a dict?
>>> eval("{'name': 'Cleopatra'}", {"__builtins__": {}})
{'name': 'Cleopatra'}
the __builtins__ stuff is optional, but provides some protection
from evil data providers:
# from the eff-bot guide
>>> print eval("__import__('os').remove('file')")
Traceback (most recent call last):
File "<stdin>", line 1, in ?
File "<string>", line 0, in ?
OSError: [Errno 2] No such file or directory: 'file'
>>> eval("__import__('os').remove('file')", {"__builtins__": {}})
Traceback (most recent call last):
File "<stdin>", line 1, in ?
File "<string>", line 0, in ?
NameError: There is no variable named '__import__'
Cheers /F
<!-- (the eff-bot guide to) the standard python library:
http://www.pythonware.com/people/fredrik/librarybook.htm
-->
More information about the Python-list
mailing list