File tree Expand file tree Collapse file tree 2 files changed +11
-0
lines changed Expand file tree Collapse file tree 2 files changed +11
-0
lines changed Original file line number Diff line number Diff line change 1515from .exceptions import (
1616 JinjaTemplateError ,
1717 JinjaTemplateNotFoundError ,
18+ JinjaTemplateOperationViolationError ,
1819 JinjaTemplateSyntaxError ,
1920 JinjaTemplateUndefinedError ,
2021)
@@ -70,6 +71,11 @@ def get_variables(self) -> list[str]:
7071 template_source = env .loader .get_source (env , self ._template )[0 ]
7172
7273 template = env .parse (template_source )
74+ if self .is_string_based and any (
75+ node .__class__ .__name__ in ["Call" , "Import" , "Include" ] for node in template .body
76+ ):
77+ raise JinjaTemplateOperationViolationError ()
78+
7379 return sorted (meta .find_undeclared_variables (template ))
7480
7581 async def render (self , variables : dict [str , Any ]) -> str :
Original file line number Diff line number Diff line change @@ -31,3 +31,8 @@ class JinjaTemplateUndefinedError(JinjaTemplateError):
3131 def __init__ (self , message : str | None , errors : list [UndefinedJinja2Error ]) -> None :
3232 self .message = message or "Undefined Error"
3333 self .errors = errors
34+
35+
36+ class JinjaTemplateOperationViolationError (JinjaTemplateError ):
37+ def __init__ (self , message : str | None = None ) -> None :
38+ self .message = message or "Forbidden code found in the template"
You can’t perform that action at this time.
0 commit comments