mirrors/recipes
1
0
Fork 0
mirror of https://github.com/TandoorRecipes/recipes.git synced 2026-01-01 04:10:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

use Sandbox Environment to render templates

Browse Source
This commit is contained in:
vabene1111
2024-11-26 17:18:47 +01:00
parent 4f9bff20c8
commit e6087d5129
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cookbook/helper/template_helper.py
View File

@@ -3,6 +3,8 @@ from gettext import gettext as _
import bleach
import markdown as md
from jinja2 import Template, TemplateSyntaxError, UndefinedError
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment
from markdown.extensions.tables import TableExtension
from cookbook.helper.mdx_attributes import MarkdownFormatExtension
@@ -89,11 +91,13 @@ def render_instructions(step): # TODO deduplicate markdown cleanup code
return f"<scalable-number v-bind:number='{bleach.clean(str(number))}' v-bind:factor='ingredient_factor'></scalable-number>"
try:
template = Template(instructions)
instructions = template.render(ingredients=ingredients, scale=scale)
env = SandboxedEnvironment()
instructions = env.from_string(instructions).render(ingredients=ingredients, scale=scale)
except TemplateSyntaxError:
return _('Could not parse template code.') + ' Error: Template Syntax broken'
except UndefinedError:
return _('Could not parse template code.') + ' Error: Undefined Error'
except SecurityError:
return _('Could not parse template code.') + ' Error: Security Error'
return instructions