admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 18:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(Code Node): Only Block os.system vs Blocking import os (#16885)

Browse Source
This commit is contained in:
Marty Sullivan
2025-07-03 02:59:34 -04:00
committed by GitHub
parent 8aecd327c6
commit e54613f75f
1 changed files with 5 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
packages/nodes-base/nodes/Code/Pyodide.ts
View File

@@ -28,30 +28,18 @@ export async function LoadPyodide(packageCacheDir: string): Promise<PyodideInter
)) as PyodideInterface; )) as PyodideInterface;
await pyodideInstance.runPythonAsync(` await pyodideInstance.runPythonAsync(`
blocked_modules = ["os"] import os
import sys def blocked_system(*args, **kwargs):
for module_name in blocked_modules: raise RuntimeError("os.system is blocked for security reasons.")
del sys.modules[module_name]
os.system = blocked_system
from importlib.abc import MetaPathFinder from importlib.abc import MetaPathFinder
from importlib.machinery import ModuleSpec from importlib.machinery import ModuleSpec
from types import ModuleType from types import ModuleType
from typing import Sequence, Optional from typing import Sequence, Optional
class ImportBlocker(MetaPathFinder):
def find_spec(
self,
fullname: str,
path: Sequence[bytes | str] | None,
target: ModuleType | None = None,
) -> Optional[ModuleSpec]:
if fullname in blocked_modules:
raise ModuleNotFoundError(f"Module {fullname!r} is blocked", name=fullname)
return None
sys.meta_path.insert(0, ImportBlocker())
from _pyodide_core import jsproxy_typedict from _pyodide_core import jsproxy_typedict
from js import Object from js import Object
`); `);