remove 'js/function' support

uses new Function(str) which is an eval-type construct such code is an attack vector and is not allowed e.g. in Firefox add-ons
minj · May 4, 2016 · b34e032 · b34e032
1 parent 36f8035
commit b34e032
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/lib/js-yaml/schema/default_full.js b/lib/js-yaml/schema/default_full.js
@@ -20,6 +20,5 @@ module.exports = Schema.DEFAULT = new Schema({
   explicit: [
     require('../type/js/undefined'),
     require('../type/js/regexp'),
-    require('../type/js/function')
   ]
 });