microsoft
Python: Unsafe input handling
Motivation and Context
Implements dealing with unsafe content, by doing HTML parsing on variables and function results.
Closes: #5889
Description
Adds parameter allow_dangerously_set_content to:
- InputVariable
- PromptTemplateConfig
- PromptTemplateBase
The behavior is that if the flag is set to True on the template itself (KernelPromptTemplate, Jinja2PromptTemplate or HandlebarsPromptTemplate) the behavior is the same, no encoding is done on inputs.
Otherwise:
- variables are encoded by default, this can be switched off using the InputVariables class for that variable.
- function output is encoded by default, this can be switched off using the flag in the PromptTemplateConfig, this is not yet possible to do on a per function basis.
Contribution Checklist
- [x] The code builds clean without any errors or warnings
- [x] The PR follows the SK Contribution Guidelines and the pre-submission formatting script raises no violations
- [x] All unit tests pass, and I have added new tests where possible
- [x] I didn't break anyone :smile:
Python 3.10 Test Coverage Report •
File Stmts Miss Cover Missing semantic_kernel kernel.py 314 57 82% 123, 125, 183–186, 188–192, 194–197, 204, 211–220, 257–260, 270–275, 280, 284–287, 380–416, 535–536, 763, 784–786, 822, 824, 834 semantic_kernel/contents streaming_chat_message_content.py 84 2 98% 193–194 text_content.py 22 2 91% 40, 47 semantic_kernel/functions kernel_function.py 73 2 97% 142, 161 kernel_function_from_prompt.py 163 5 97% 171, 197, 294, 310, 364 semantic_kernel/planners/sequential_planner sequential_planner.py 65 6 91% 69, 73, 104, 120, 129–130 semantic_kernel/prompt_template jinja2_prompt_template.py 44 3 93% 62–64 kernel_prompt_template.py 85 3 96% 119–121 prompt_template_config.py 51 6 88% 39, 47, 68, 73–74, 82 semantic_kernel/prompt_template/utils handlebars_system_helpers.py 93 3 97% 16, 43–44 jinja2_system_helpers.py 48 3 94% 15, 45, 50 semantic_kernel/template_engine/blocks code_block.py 70 1 99% 130 TOTAL 6089 1061 83%
Python 3.10 Unit Test Overview
| Tests | Skipped | Failures | Errors | Time |
|---|---|---|---|---|
| 1278 | 1 :zzz: | 0 :x: | 0 :fire: | 14.816s :stopwatch: |
