Mercurial > genshi > genshi-test

diff genshi/template/markup.py @ 545:6e21c89d9255

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Support for Python code blocks in templates can now be disabled. Closes #123.
author cmlenz
date Thu, 28 Jun 2007 23:00:24 +0000
parents ced12be33858
children 5458a4e8814c
line wrap: on
line diff
--- a/genshi/template/markup.py
+++ b/genshi/template/markup.py
@@ -67,9 +67,10 @@
                   ('strip', StripDirective)]
 
     def __init__(self, source, basedir=None, filename=None, loader=None,
-                 encoding=None, lookup='lenient'):
+                 encoding=None, lookup='lenient', allow_exec=True):
         Template.__init__(self, source, basedir=basedir, filename=filename,
-                          loader=loader, encoding=encoding, lookup=lookup)
+                          loader=loader, encoding=encoding, lookup=lookup,
+                          allow_exec=allow_exec)
         # Make sure the include filter comes after the match filter
         if loader:
             self.filters.remove(self._include)
@@ -185,6 +186,9 @@
                                               pos)]
 
             elif kind is PI and data[0] == 'python':
+                if not self.allow_exec:
+                    raise TemplateSyntaxError('Python code blocks not allowed',
+                                              self.filepath, *pos[1:])
                 try:
                     # As Expat doesn't report whitespace between the PI target
                     # and the data, we have to jump through some hoops here to
Copyright (C) 2012-2017 Edgewall Software