diff options
author | Andrey Somov <public.somov@gmail.com> | 2022-09-07 18:45:00 +0300 |
---|---|---|
committer | Andrey Somov <public.somov@gmail.com> | 2022-09-07 18:45:00 +0300 |
commit | a477fbf17b785195222703ee1decb92069b6209e (patch) | |
tree | ced2d4bf441dcf58d2f2a64710e7324c9e569604 | |
parent | 1fdf6362efb8e1a71d271f692501f248bc3a8b6b (diff) | |
download | snakeyaml-a477fbf17b785195222703ee1decb92069b6209e.tar.gz |
Add warning about untrusted data
-rw-r--r-- | README.md | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -13,6 +13,8 @@ For YAML 1.2 (which is a superset of JSON) you may have a look at [SnakeYAML Eng * high-level API for serializing and deserializing native Java objects. * support for all types from the [YAML types repository](http://yaml.org/type/index.html). * relatively sensible error messages. +* when you plan to feed the parser with untrusted data please study the settings which allow to restrict incoming data. + ## Info ## * [Changes](https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes) |