
Commit dd8b7a4

Add additional test for safe case in documentation
1 parent 55557f8 commit dd8b7a4


1 file changed

+4
-0
lines changed

Lines changed: 4 additions & 0 deletions
@@ -1,7 +1,11 @@
11
from jinja2 import Environment, Template
2+
from jinja2.sandbox import SandboxedEnvironment
23

34
def test():
45
env = Environment()
56
t = env.from_string("abc") # $ templateConstruction="abc"
67
t = Template("abc") # $ templateConstruction="abc"
8+
9+
env2 = SandboxedEnvironment()
10+
t = env.from_string("abc") # No result as we don't model SandboxedEnvironment. We may wish to instead specifically model it as NOT vulnerable to template injection vulnerabilities.
711
return t
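Review bot: The added call `t = env.from_string("abc")` uses the unsandboxed `env`, not the new `env2`, so the sandboxed case this commit sets out to cover is never exercised and `env2` is unused. Because `env` is a plain `Environment`, the line would presumably still produce a `templateConstruction="abc"` result, which contradicts the "No result" comment; it should read `t = env2.from_string("abc")`. If `SandboxedEnvironment` is later modelled as safe, the comment could say that the sandbox restricts what a template can reach, not that attacker-controlled template text becomes harmless, e.g. `# No result: SandboxedEnvironment is not modelled (sandbox limits, but does not remove, template-injection impact)`.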
