mirror of
https://github.com/python-pillow/Pillow.git
synced 2025-01-12 10:16:17 +03:00
Added danger alerts
This commit is contained in:
parent
a7e82cbe9a
commit
f932cb895f
|
@ -46,10 +46,13 @@ Example: Using the :py:mod:`~PIL.ImageMath` module
|
||||||
|
|
||||||
.. py:function:: unsafe_eval(expression, environment)
|
.. py:function:: unsafe_eval(expression, environment)
|
||||||
|
|
||||||
Evaluates an image expression. This uses Python's ``eval()`` function to process
|
Evaluates an image expression.
|
||||||
the expression string, and carries the security risks of doing so. It is not
|
|
||||||
recommended to process expressions without considering this.
|
.. danger::
|
||||||
:py:meth:`~lambda_eval` is a more secure alternative.
|
This uses Python's ``eval()`` function to process the expression string,
|
||||||
|
and carries the security risks of doing so. It is not
|
||||||
|
recommended to process expressions without considering this.
|
||||||
|
:py:meth:`lambda_eval` is a more secure alternative.
|
||||||
|
|
||||||
:py:mod:`~PIL.ImageMath` only supports single-layer images. To process multi-band
|
:py:mod:`~PIL.ImageMath` only supports single-layer images. To process multi-band
|
||||||
images, use the :py:meth:`~PIL.Image.Image.split` method or
|
images, use the :py:meth:`~PIL.Image.Image.split` method or
|
||||||
|
@ -69,14 +72,17 @@ Example: Using the :py:mod:`~PIL.ImageMath` module
|
||||||
Expression syntax
|
Expression syntax
|
||||||
-----------------
|
-----------------
|
||||||
|
|
||||||
:py:meth:`~lambda_eval` expressions are functions that receive a dictionary containing
|
* :py:meth:`lambda_eval` expressions are functions that receive a dictionary
|
||||||
images and operators.
|
containing images and operators.
|
||||||
|
|
||||||
:py:meth:`~unsafe_eval` expressions are standard Python expressions, but they’re
|
* :py:meth:`unsafe_eval` expressions are standard Python expressions,
|
||||||
evaluated in a non-standard environment.
|
but they’re evaluated in a non-standard environment.
|
||||||
|
|
||||||
In both cases, you can use Pillow methods as usual, plus the following set of operators
|
.. danger::
|
||||||
and functions.
|
:py:meth:`unsafe_eval` uses Python's ``eval()`` function to process the
|
||||||
|
expression string, and carries the security risks of doing so.
|
||||||
|
It is not recommended to process expressions without considering this.
|
||||||
|
:py:meth:`lambda_eval` is a more secure alternative.
|
||||||
|
|
||||||
Standard Operators
|
Standard Operators
|
||||||
^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^
|
||||||
|
|
Loading…
Reference in New Issue
Block a user