Security
Security utilities for template rendering and input validation.
Classes
PathValidator
Validates file paths to prevent path traversal attacks.
Methods
sanitize_filename
sanitize_filename(filename: str) -> str
Sanitize filename to prevent path traversal.
Parameters:
filename(str, required) - Filename to sanitize
Returns: str
validate_safe_path
validate_safe_path(base_path: pathlib.Path, target_path: pathlib.Path) -> bool
Ensure target path is within base directory.
Parameters:
base_path(Path, required) - Base directory that should contain the target
target_path(Path, required) - Path to validate
Returns: bool
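The two checks above, as an added sketch that is not the project's own implementation: the function names and signatures are taken from this page, while the bodies, the stripping rules and the demo() helper are assumptions. It shows why containment has to be tested on fully resolved paths, component by component, rather than by comparing string prefixes.

```python
import tempfile
from pathlib import Path

def sanitize_filename(filename: str) -> str:
    """Reduce an untrusted name to one safe path component (assumed rules)."""
    # Treat both separator styles as separators and keep the last component.
    name = filename.replace("\\", "/").split("/")[-1]
    # Drop NUL and other non-printable characters.
    name = "".join(ch for ch in name if ch.isprintable())
    # Strip surrounding dots and spaces; this also empties "." and "..".
    name = name.strip(" .")
    if not name:
        raise ValueError("filename is empty after sanitization")
    return name

def validate_safe_path(base_path: Path, target_path: Path) -> bool:
    """Return True only if the resolved target lies inside the resolved base."""
    base = base_path.resolve()
    # resolve() collapses ".." and follows symlinks. Joining an absolute
    # target onto base yields the absolute target unchanged.
    target = (base / target_path).resolve()
    try:
        # Component-wise comparison: "/srv/out_evil" is not inside "/srv/out".
        target.relative_to(base)
    except ValueError:
        return False
    return True

def demo() -> dict:
    """Run the check over constructed paths in a throwaway directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "out"
        outside = Path(tmp) / "secret"
        base.mkdir()
        outside.mkdir()
        results["plain"] = validate_safe_path(base, Path("report.txt"))
        results["dotdot"] = validate_safe_path(base, Path("../secret/x"))
        results["absolute"] = validate_safe_path(base, outside / "x")
        results["prefix"] = validate_safe_path(base, Path(str(base) + "_evil") / "x")
        try:
            # A link inside base that points outside must also be rejected.
            (base / "link").symlink_to(outside, target_is_directory=True)
            results["symlink"] = validate_safe_path(base, Path("link/x"))
        except (OSError, NotImplementedError):
            results["symlink"] = None  # platform without symlink support
    return results
```

A check of this kind is only as current as the filesystem state at the moment it runs; a path that is validated and then opened later can still change in between.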
TemplateSanitizer
Handles sanitization of template inputs to prevent injection attacks.
Methods
sanitize_context_dict
sanitize_context_dict(context_dict: Dict[str, Any]) -> Dict[str, Any]
Sanitize entire context dictionary for template rendering.
Parameters:
context_dict(Dict, required) - Context dictionary to sanitize
Returns: Dict
sanitize_injection_value
sanitize_injection_value(value: Any) -> str
Sanitize injection point values to prevent template injection.
Parameters:
value(Any, required) - The injection value to sanitize
Returns: str
validate_template_complexity
validate_template_complexity(template_content: str) -> None
Validate template complexity to prevent resource exhaustion.
Parameters:
template_content(str, required) - Template content to validate
TemplateSecurityValidator
Comprehensive template security validation.
Methods
validate_template_render
validate_template_render(self, template_content: str, context_dict: Dict[str, Any], output_path: pathlib.Path, base_path: pathlib.Path) -> Dict[str, Any]
Comprehensive validation before template rendering.
Parameters:
template_content(str, required) - Template content to validate
context_dict(Dict, required) - Context dictionary to validate
output_path(Path, required) - Target output path
base_path(Path, required) - Base directory for path validation
Returns: Dict