doT
doT copied to clipboard
olado
The fastest + concise javascript template engine for nodejs and browsers. Partials, custom delimiters and more.
Hello, I've identified another prototype pollution gadget within the doT template engine that could potentially be leveraged by attackers to achieve remote code execution via prototype pollution vulnerabilities. It is...
i found doT library v1.1.3 this is a poc ``` const doT = require('dot'); doT.templateSettings = { evaluate: /\{\{([\s\S]+?(\}?)+)\}\}/g, interpolate: /\{\{=([\s\S]+?)\}\}/g, encode: /\{\{!([\s\S]+?)\}\}/g, use: /\{\{#([\s\S]+?)\}\}/g, define: /\{\{##\s*([\w\.$]+)\s*(\:|=)([\s\S]+?)#\}\}/g, conditional: /\{\{\?(\?)?\s*([\s\S]*?)\s*\}\}/g, iterate:...
Update README.md with correct website link. Old link was not working as it was not pointing to github pages domain (.io)
http://olado.github.com/doT that link generates 404 instead of documentation
Given this template, it should render a CSV output with **no** empty lines ```dot host,pin,subject {{~ it :e }} {{=e.host}},{{=e.hash}},{{=e.subject.CN}} {{~}} ``` However, the output contains an empty line after...
Hi everybody! Currently I'm having an issue while trying to pass a parameter to a function inside a snippet from another file. I'm running the latest version of doT. This...
I was messing around with the new `delimiters` option released in `2.0.0-beta.1` and found out that setting `{` and `}` as `start` and `end` delimiters respectively, breaks in some cases....
