Support include statement
niknetniko committed Jan 29, 2024
1 parent 111defa commit 2e34c0b
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions tested/descriptions/converters.py
Expand Up @@ -3,7 +3,7 @@
from typing import Callable, cast

from attr import dataclass
from jinja2 import Template
from jinja2 import Environment, FileSystemLoader
from marko import Markdown
from typing_extensions import override

Expand Down Expand Up @@ -179,10 +179,14 @@ def convert_templated_problem(bundle: Bundle, raw_description: str) -> str:
:param raw_description: The raw, Mako description.
:return: The processed (Markdown) description.
"""

description_template = Template(
source=raw_description, autoescape=False, keep_trailing_newline=True
environment = Environment(
loader=FileSystemLoader(
searchpath=bundle.config.resources,
),
autoescape=False,
keep_trailing_newline=True,
)

Check warning

Code scanning / CodeQL

Jinja2 templating with autoescape=False Medium test

Using jinja2 templates with autoescape=False can potentially allow XSS attacks.
description_template = environment.from_string(source=raw_description)
set_locale(bundle.config.natural_language)
return description_template.render(
# Conventionalize functions
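Review bot: The new `FileSystemLoader(searchpath=bundle.config.resources)` makes every file under the resources directory readable through `{% include %}` from `raw_description`, and included files are rendered by the same plain `Environment`. If descriptions can come from authors who are not fully trusted, I would point the loader at a directory that holds only description partials and construct the environment as `SandboxedEnvironment` (from `jinja2.sandbox`) instead of `Environment`; the keyword arguments stay the same. Whether `bundle.config.resources` can be unset or missing for an exercise is not visible in this hunk and should be checked before the loader is built. The docstring should also state that includes resolve relative to the resources directory (it still calls the input a "Mako" description); the rest of `convert_templated_problem` lies outside the hunk.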
