raintpl3 icon indicating copy to clipboard operation
raintpl3 copied to clipboard

Published 20 hours ago verified publisher icon feulf

Sandbox does not allow any variables to contain any parts from blacklists.

Open xPaw opened this issue 12 years ago • 2 comments

I was doing this <td>{if="isset( $value.executable )"}{$value.executable|safe}{/if}</td> and it took me a while to figure this out.

xPaw avatar Jan 23 '13 15:01 xPaw

Hi Pavel, good catch. I think we'll have to revisit the entire blacklist logic and even if complex, we need a whitelist to block everything except the white listed methods. I'll look into this issue later today and try to see what solution we can come with.

Thanks

feulf avatar Jan 23 '13 15:01 feulf

Fixed. Please review: https://github.com/rainphp/raintpl3/tree/issue-48

feulf avatar Aug 25 '13 14:08 feulf