Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can a python view template be made to be 'safe/secure' if I make it user editable?

Tags:

python

security

django

templating

Say I need to have a templating system where a user can edit it online using an online editor.

So they can put if tags, looping tags etc., but ONLY for specific objects that I want to inject into the template.

Can this be made to be safe from security issues?

i.e. them somehow outputing sql connection string information or scripting things outside of the allowable tags and injected objects.

like image 399
Blankman Avatar asked Jun 13 '10 22:06

Blankman

1 Answers

Yes, use a template engine that has sandboxing features, like jinja2

like image 196
nosklo Avatar answered Oct 24 '22 06:10

nosklo
Sign in to Comment

Related questions

Compiling a py2app working build for both Leopard and Snow Leopard?
lxml equivalent to BeautifulSoup "OR" syntax?
Python Service Custom Command Arguments
Output file redirection in Python
Sphinx (documentation tool): set tab width in output
Generate ODT/DOC(X) and convert to PDF, without OO.o/MS
How do I do text wrapping in pyCairo + Pango?
Broken Pipe from subprocess.Popen.communciate() with stdin
How to model a social news feed on Google App Engine
Which implementation of OrderedDict should be used in python2.6?
add a decorate function to a class
Control VLC from Python in Windows
How to convert Selenese (html) to Python programmatically?
Mapping functions of 2D numpy arrays
Problem trying to install PyCurl on Mac Snow Leopard
Passing C++ object to C++ code through Python?
threading.local equivalent for twisted.web?
Python - Linux - Connecting to MS SQL with Windows Credentials - FreeTDS+UnixODBC + pyodbc or pymssql
Script to install and compile Python, Django, Virtualenv, Mercurial, Git, LessCSS, etc... on Dreamhost
File encryption with Python

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!