Hi, I'm working on a pylons app and I'm trying to provide a feature that allows users to create their own templates and have them rendered when they go to their own subdomain. For example, arnold.example.com would render using a template that Arnold created and stallone.example.com would render using Stallone's custom templates. A good example is Shopify.com, they provide the exact feature i'm trying to describe. You can see what I mean at their wiki: http://wiki.shopify.com/The_Shopify_Theme_Guide
So far all of my templates are in Mako, which I like. However, I don't think user created Mako templates would be safe (correct me if I'm wrong here) since they give the user so much power. So after poking around on the zzzeek blog I ran stumbled onto a post about Jinja and noticed they had a sandbox environment. This sounds promising, but was looking for opinions from more experienced developers especially with security and template knowledge. With proper configuration, can I be reasonably confident that no sand will escape the box? I would be exposing certain objects and collection of objects for the user templates to operate on, but I don't want users capable of doing things like for user in users: user.delete() Basically, they should not be able to change the state of anything I send to the template, right? (my other alternative is to only allow customing theming with CSS only and leave the HTML generation up to me, but that seems less flexible) Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
