A Django template engine to render untrusted template code
Django Safe Template Engine
Requirements
- Python 3.8 to 3.12
- Django 3.2 (officially supported in automated tests, all built-in template tags and filters reviewed)
Available tools
Template engine
from django.template import Template
from django_safe_template_engine.engine import SafeTemplateEngine
# `source` is the untrusted template code, as a string
safe_engine = SafeTemplateEngine()
Template(source, engine=safe_engine)
Validator
from django_safe_template_engine.validators import validate_safe_engine_template_syntax
template_code = '{% include "hacked.html" %}'
validate_safe_engine_template_syntax(template_code)
Trusted built-ins
The following tags and filters are allowed by this template engine.
Trusted tags
autoescape
comment
cycle
filter
firstof
for
for … empty
if
ifchanged
lorem
now
regroup
resetcycle
spaceless
templatetag
url
verbatim
widthratio
with
Trusted filters
add
addslashes
capfirst
center
cut
date
default_if_none
default
dictsort
dictsortreversed
divisibleby
escape
escapejs
filesizeformat
first
floatformat
force_escape
get_digit
iriencode
join
json_script
last
length_is
length
linebreaks
linebreaksbr
linenumbers
ljust
lower
make_list
phone2numeric
pluralize
random
rjust
safe
safeseq
slice
slugify
stringformat
striptags
time
timesince
timeuntil
title
truncatechars_html
truncatechars
truncatewords_html
truncatewords
unordered_list
upper
urlencode
urlize
urlizetrunc
wordcount
wordwrap
yesno
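To illustrate how the trusted-tag list above separates allowed from disallowed block tags, here is an added example that is not part of the project's code: a standard-library scanner that reports tags outside that list in a template source. The names `untrusted_tags`, `BLOCK_KEYWORDS` and `SAMPLE` are assumptions made for this sketch; enforcement itself stays with `SafeTemplateEngine` and the validator.

```python
import re

# Trusted tags, copied from the list on this page.
TRUSTED_TAGS = frozenset(
    "autoescape comment cycle filter firstof for if ifchanged lorem now regroup "
    "resetcycle spaceless templatetag url verbatim widthratio with".split()
)
# Assumption: closing and intermediate keywords of trusted block tags are accepted.
BLOCK_KEYWORDS = frozenset(
    "elif else empty endautoescape endcomment endfilter endfor endif "
    "endifchanged endspaceless endverbatim endwith".split()
)
# Same token shapes as Django's lexer: block tag, variable, one-line comment.
TOKEN_RE = re.compile(r"\{%(.*?)%\}|\{\{.*?\}\}|\{#.*?#\}")


def untrusted_tags(source):
    """Return (line, tag_name) for each block tag outside the trusted list."""
    findings = []
    verbatim_end = None  # set while inside {% verbatim %}, where tags are plain text
    for match in TOKEN_RE.finditer(source):
        content = match.group(1)
        if content is None:  # variable or comment token, not a block tag
            continue
        content = content.strip()
        if verbatim_end is not None:
            if content == verbatim_end:
                verbatim_end = None
            continue
        if content == "verbatim" or content.startswith("verbatim "):
            verbatim_end = "end" + content
            continue
        name = content.split()[0] if content else ""
        if name not in TRUSTED_TAGS and name not in BLOCK_KEYWORDS:
            findings.append((source.count("\n", 0, match.start()) + 1, name))
    return findings


# Constructed sample input (not taken from a real template).
SAMPLE = (
    "{% for item in items %}{{ item|upper }}{% empty %}none{% endfor %}\n"
    '{% include "hacked.html" %}\n'
    "{# {% load static %} #}\n"
    "{% verbatim %}{% extends 'base.html' %}{% endverbatim %}\n"
    "{% load i18n %}\n"
)

if __name__ == "__main__":
    for line, name in untrusted_tags(SAMPLE):
        print(f"line {line}: tag {name!r} is not in the trusted list")
```

Tags inside a `{% comment %}` block are still reported, so the scanner errs on the side of flagging. It is useful for auditing stored templates, not as a replacement for the engine's own parsing.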
Contribute
How to contribute
You want to add awesome features to Django Safe Template Engine? Here's how!
- Fork this repository
- Commit and push to your forked repository
- Open a pull request to merge your work into this repository
Code formatting and tests
Here is how to run the code formatting / type checking tools, and run the test suite.
- [Recommended] Create a Python venv for this repository:
  python3 -m venv .venv
  source .venv/bin/activate
- Install the dependencies:
  cd tests/ && pip install -r requirements.txt && cd ..
- Run the code formatting tools:
  - black code formatter: black src tests
  - isort import sorter: isort --settings-path isort.cfg src tests
  - flake8 coding style checker: flake8 --config .flake8 src tests
  - mypy type checker: mypy --config-file mypy.ini src tests
- Run the test suite:
  python run_tests.py
Ignore code formatting revisions from git blame
For a more relevant git blame you can set up your git to use the file .git-blame-ignore-revs in blame.ignoreRevsFile:
git config blame.ignoreRevsFile .git-blame-ignore-revs
Hashes for django_safe_template_engine-1.2.0.tar.gz
Algorithm | Hash digest
---|---
SHA256 | a294636810da2cd4dcd722c18648992a2ea32effad6990fa306d1b9387de6e40
MD5 | f617c59b774d00d0be760c871453f457
BLAKE2b-256 | cd7817618add82f2ef8bb55547a531fab8a29939d1c6d0de2b7ac6edf4d9c641
Hashes for django_safe_template_engine-1.2.0-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 92641fbb42a88b12e6e0d438e0339716d998c1e01cfb22afd32eb7e658f304f8
MD5 | 109ccfea3a60517a24f5572bcf216024
BLAKE2b-256 | 5f13cb114214807e8c5c7d8735e45a2593df2e8eeb3d5f4ef94ee60b06405b93