From c31cc963daac55f6a3bca9da99b619276911dbd7 Mon Sep 17 00:00:00 2001
From: Jeremy Kemper <jeremy@bitsweat.net>
Date: Sat, 5 Jan 2013 17:46:26 -0700
Subject: Revert "Merge branch 'master-sec'"

This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing
changes made to f049016cd348627bf8db0d72382d7580bf802a79.
---
 .../active_support/core_ext/hash/conversions.rb    | 27 ++++------------------
 1 file changed, 4 insertions(+), 23 deletions(-)

(limited to 'activesupport/lib/active_support')

diff --git a/activesupport/lib/active_support/core_ext/hash/conversions.rb b/activesupport/lib/active_support/core_ext/hash/conversions.rb
index 8930376ac8..6cb7434e5f 100644
--- a/activesupport/lib/active_support/core_ext/hash/conversions.rb
+++ b/activesupport/lib/active_support/core_ext/hash/conversions.rb
@@ -101,33 +101,17 @@ class Hash
     #
     #   hash = Hash.from_xml(xml)
     #   # => {"hash"=>{"foo"=>1, "bar"=>2}}
-    #
-    # DisallowedType is raise if the XML contains attributes with <tt>type="yaml"</tt> or
-    # <tt>type="symbol"</tt>. Use <tt>Hash.from_trusted_xml</tt> to parse this XML.
-    def from_xml(xml, disallowed_types = nil)
-      ActiveSupport::XMLConverter.new(xml, disallowed_types).to_h
+    def from_xml(xml)
+      ActiveSupport::XMLConverter.new(xml).to_h
     end
 
-    # Builds a Hash from XML just like <tt>Hash.from_xml</tt>, but also allows Symbol and YAML.
-    def from_trusted_xml(xml)
-      from_xml xml, []
-    end
   end
 end
 
 module ActiveSupport
   class XMLConverter # :nodoc:
-    class DisallowedType < StandardError
-      def initialize(type)
-        super "Disallowed type attribute: #{type.inspect}"
-      end
-    end
-
-    DISALLOWED_TYPES = %w(symbol yaml)
-
-    def initialize(xml, disallowed_types = nil)
+    def initialize(xml)
       @xml = normalize_keys(XmlMini.parse(xml))
-      @disallowed_types = disallowed_types || DISALLOWED_TYPES
     end
 
     def to_h
@@ -135,6 +119,7 @@ module ActiveSupport
     end
 
     private
+
       def normalize_keys(params)
         case params
           when Hash
@@ -160,10 +145,6 @@ module ActiveSupport
       end
 
       def process_hash(value)
-        if value.include?('type') && !value['type'].is_a?(Hash) && @disallowed_types.include?(value['type'])
-          raise DisallowedType, value['type']
-        end
-
         if become_array?(value)
           _, entries = Array.wrap(value.detect { |k,v| not v.is_a?(String) })
           if entries.nil? || value['__content__'].try(:empty?)
-- 
cgit v1.2.3