1134cbcf05
Yaml.load() return Python object may be dangerous if you receive a YAML document from an untrusted source such as the Internet. The function yaml.safe_load() limits this ability to simple Python objects like integers or lists. While we're there switch to https for the load so we can be more confident this is 'correct' data Reference: https://security.openstack.org/guidelines/dg_avoid-dangerous-input-parsing-libraries.html Change-Id: I89adc358f1b3e934788a416b7ef7ea8bfc1a45db