Re: Django (or other) templates for untrusted users?

2012-02-09 Thread graeme
I missed the reply, so apologies for reviving this thread after more than a week. On Jan 27, 1:28 am, Bill Freeman wrote:
> I think that depends upon the context the view provides, and upon what
> tag libraries can be loaded.
I think I can work with that.
> Objects in the context can have their m

Re: Django (or other) templates for untrusted users?

2012-01-26 Thread Bill Freeman
I think that depends upon the context the view provides, and upon what tag libraries can be loaded. Objects in the context can have their methods called (with some restrictions). If your view pre-converts all interesting data to strings and numbers, and/or sequences or dictionaries of such, then
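
One way to apply the pre-conversion Bill describes, shown here as an added example that is not code from this thread or from Django itself: the view projects the fields it wants to expose into plain dicts, and a `flatten` step refuses anything that is not a string, number, list or dict, so the untrusted template never receives an object whose methods could alter state. The `Account` class, `project_account`, `MAX_DEPTH` and the sample values are all constructed for the illustration.

```python
from collections.abc import Mapping
from numbers import Number

# Assumption: an upper bound on nesting depth, so a pathological structure
# cannot make the flattening step recurse without limit.
MAX_DEPTH = 8


class ContextError(ValueError):
    """Raised when a context value cannot be reduced to plain data."""


def flatten(value, depth=0):
    """Return `value` reduced to str/bool/number/None, lists and dicts.

    Anything else (model instances, querysets, functions, file handles, ...)
    is rejected rather than passed through, so the template only ever sees
    values whose methods have no side effects on the application.
    """
    if depth > MAX_DEPTH:
        raise ContextError("context nested too deeply")
    if value is None or isinstance(value, (bool, str, Number)):
        return value
    if isinstance(value, Mapping):
        return {str(k): flatten(v, depth + 1) for k, v in value.items()}
    if isinstance(value, (list, tuple, set, frozenset)):
        return [flatten(v, depth + 1) for v in value]
    raise ContextError(f"unsupported context value of type {type(value).__name__}")


def is_rejected(value):
    """True if `value` would be refused by flatten()."""
    try:
        flatten(value)
    except ContextError:
        return True
    return False


class Account:
    """Constructed stand-in for a model instance with a side-effecting method."""

    def __init__(self, name, balance):
        self.name = name
        self.balance = balance
        self.deleted = False

    def delete(self):
        self.deleted = True


def project_account(acct):
    """Explicit projection: the view decides which fields the template may see."""
    return {"name": acct.name, "balance": acct.balance}


def build_context(acct):
    """Context handed to the untrusted template: projected, then checked."""
    return flatten({"account": project_account(acct), "currency": "EUR"})


def demo():
    acct = Account("alice", 12.5)
    ctx = build_context(acct)
    # Handing over the instance itself is refused: its delete() would be reachable.
    return ctx, is_rejected({"account": acct})


if __name__ == "__main__":
    print(demo())
```

This covers the "what can the template access" half of the question only; bounding CPU time or loop nesting inside a user-supplied template is a separate problem that converting the context does not solve.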

Django (or other) templates for untrusted users?

2012-01-26 Thread graeme
Are Django templates safe enough to use templates provided by untrusted users? Is it possible to limit functionality? I am not only concerned with what the templates can access, but also things like being able to consume excessive resources with, for example, deeply nested loops. If not Django tem