ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-10-04 15:34:01 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

When parsing json from untrusted sources, remove templating tags

Browse source
This commit is contained in:
James Cammarata 2014-06-30 15:59:32 -05:00
commit 8ed6350e65
5 changed files with 41 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/ansible/utils/template.py
View file

@ -80,7 +80,6 @@ class Flags:
FILTER_PLUGINS = None
_LISTRE = re.compile(r"(\w+)\[(\d+)\]")
JINJA2_OVERRIDE='#jinja2:'
def lookup(name, *args, **kwargs):
from ansible import utils
@ -231,16 +230,6 @@ def template_from_file(basedir, path, vars, vault_password=None):
except:
raise errors.AnsibleError("unable to read %s" % realpath)
# Get jinja env overrides from template
if data.startswith(JINJA2_OVERRIDE):
eol = data.find('\n')
line = data[len(JINJA2_OVERRIDE):eol]
data = data[eol+1:]
for pair in line.split(','):
(key,val) = pair.split(':')
setattr(environment,key.strip(),ast.literal_eval(val.strip()))
environment.template_class = J2Template
try:
t = environment.from_string(data)