admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 18:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(Code Node): Only Block os.system vs Blocking import os (#16885)

Browse Source
This commit is contained in:
Marty Sullivan
2025-07-03 02:59:34 -04:00
committed by GitHub
parent 8aecd327c6
commit e54613f75f
1 changed files with 5 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
packages/nodes-base/nodes/Code/Pyodide.ts
View File

@@ -28,30 +28,18 @@ export async function LoadPyodide(packageCacheDir: string): Promise<PyodideInter
)) as PyodideInterface;
await pyodideInstance.runPythonAsync(`
blocked_modules = ["os"]
import os
import sys
for module_name in blocked_modules:
del sys.modules[module_name]
def blocked_system(*args, **kwargs):
raise RuntimeError("os.system is blocked for security reasons.")
os.system = blocked_system
from importlib.abc import MetaPathFinder
from importlib.machinery import ModuleSpec
from types import ModuleType
from typing import Sequence, Optional
class ImportBlocker(MetaPathFinder):
def find_spec(
self,
fullname: str,
path: Sequence[bytes | str] | None,
target: ModuleType | None = None,
) -> Optional[ModuleSpec]:
if fullname in blocked_modules:
raise ModuleNotFoundError(f"Module {fullname!r} is blocked", name=fullname)
return None
sys.meta_path.insert(0, ImportBlocker())
from _pyodide_core import jsproxy_typedict
from js import Object
`);