don't allow usage of jinja templates in certain ansible CLI flags

see: https://github.com/ansible/tower/issues/1338
Ryan Petrello
2018-04-13 16:32:39 -04:00
parent 88c243c92a
commit 7074dcd677
3 changed files with 59 additions and 8 deletions
+17
@@ -1,3 +1,4 @@
import re
import six
import yaml
@@ -64,3 +65,19 @@ def safe_dump(x, safe_dict=None):
default_flow_style=False,
))
return ''.join(yamls)
def sanitize_jinja(arg):
"""
For some string, prevent usage of Jinja-like flags
"""
if isinstance(arg, six.string_types):
# If the argument looks like it contains Jinja expressions
# {{ x }} ...
if re.search('\{\{[^}]+}}', arg) is not None:
raise ValueError('Inline Jinja variables are not allowed.')
# If the argument looks like it contains Jinja statements/control flow...
# {% if x.foo() %} ...
if re.search('\{%[^%]+%}', arg) is not None:
raise ValueError('Inline Jinja variables are not allowed.')
return arg
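Review bot: Both patterns in `sanitize_jinja` require the text between the delimiters to be free of the closing character (`[^}]+` and `[^%]+`), so an expression whose body contains a `}` (a dict literal, say) or a statement whose body contains a `%` is not matched and the argument is returned unchanged. Since the aim is to refuse templating in these flags altogether, rejecting on the opening delimiter alone is stricter and simpler: `if re.search(r'\{\{|\{%', arg): raise ValueError('Inline Jinja variables are not allowed.')`. The raw-string prefix also avoids the invalid-escape warning that `'\{'` produces on newer Python 3 releases. Non-string values are returned unchecked, so a caller holding a list or dict of arguments has to pass each string through individually; the call sites are presumably in the other changed files, which are not shown here.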