p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed #33287 -- Made GeoJSON serializer use json.loads() instead of eval(). 

Thanks David Wyde for the report.
This commit is contained in:
Maxim Piskunov 2021-11-14 17:04:20 +03:00 committed by Mariusz Felisiak
parent 76f07b4fcf
commit 12fe3224f5
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
django/contrib/gis/serializers/geojson.py
View File

@ -1,3 +1,5 @@
import json
from django.contrib.gis.gdal import CoordTransform, SpatialReference from django.contrib.gis.gdal import CoordTransform, SpatialReference
from django.core.serializers.base import SerializerDoesNotExist from django.core.serializers.base import SerializerDoesNotExist
from django.core.serializers.json import Serializer as JSONSerializer from django.core.serializers.json import Serializer as JSONSerializer
@ -50,7 +52,7 @@ class Serializer(JSONSerializer):
srs = SpatialReference(self.srid) srs = SpatialReference(self.srid)
self._cts[self._geometry.srid] = CoordTransform(self._geometry.srs, srs) self._cts[self._geometry.srid] = CoordTransform(self._geometry.srs, srs)
self._geometry.transform(self._cts[self._geometry.srid]) self._geometry.transform(self._cts[self._geometry.srid])
data["geometry"] = eval(self._geometry.geojson) data["geometry"] = json.loads(self._geometry.geojson)
else: else:
data["geometry"] = None data["geometry"] = None
return data return data