diff --git a/frappe/utils/help.py b/frappe/utils/help.py
index 352923bbf3..015d01066d 100644
--- a/frappe/utils/help.py
+++ b/frappe/utils/help.py
@@ -143,7 +143,7 @@ class HelpDatabase(object):
 with io.open(fpath, 'r', encoding = 'utf-8') as f:
 try:
 content = frappe.render_template(f.read(),
- {'docs_base_url': '/assets/{app}_docs'.format(app=app)})
+ {'docs_base_url': '/assets/{app}_docs'.format(app=app)}, safe_render=False)
 relpath = self.get_out_path(fpath)
 relpath = relpath.replace("user", app)
diff --git a/frappe/utils/jinja.py b/frappe/utils/jinja.py
index e5ef833c99..dca6d8a066 100644
--- a/frappe/utils/jinja.py
+++ b/frappe/utils/jinja.py
@@ -50,12 +50,14 @@ def validate_template(html):
 frappe.msgprint('Line {}: {}'.format(e.lineno, e.message))
 frappe.throw(frappe._("Syntax error in template"))
-def render_template(template, context, is_path=None):
+def render_template(template, context, is_path=None, safe_render=True):
 '''Render a template using Jinja
 :param template: path or HTML containing the jinja template
 :param context: dict of properties to pass to the template
- :param is_path: (optional) assert that the `template` parameter is a path'''
+ :param is_path: (optional) assert that the `template` parameter is a path
+ :param safe_render: (optional) prevent server side scripting via jinja templating
+ '''
 from frappe import throw
@@ -68,7 +70,7 @@ def render_template(template, context, is_path=None):
 or (template.endswith('.html') and '\n' not in template)):
 return get_jenv().get_template(template).render(context)
 else:
- if ".__" in template:
+ if safe_render and ".__" in template:
 throw("Illegal template")
 return get_jenv().from_string(template).render(context)
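Review bot: The new `safe_render=False` argument switches off the `".__"` template guard for every docs file read from `fpath`, and nothing in the hunk records why that is acceptable for this input. The trust argument is presumably that these files ship with the app's own source tree rather than coming from end users, but that is an assumption a later reader cannot verify from this call site, so it should be stated next to the call: `# docs templates are part of the installed app's source, not user-submitted content; the ".__" guard is disabled so docs can mention dunder names literally`. If any of the scanned docs directories can be written by non-developers, that assumption does not hold and the guard should stay on for those files. The enclosing `with`/`try` block begins and ends outside the hunk.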
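Review bot: The added docstring line claims that `safe_render` will "prevent server side scripting via jinja templating", which overstates what the flag does: the only thing it controls is the literal `".__"` substring test further down in `render_template`, not a sandboxed environment. A reader choosing whether to pass `safe_render=False` for untrusted input needs that distinction, so the `:param safe_render:` line should describe the actual check, e.g. `:param safe_render: (optional, default True) reject templates containing the literal ".__" as a heuristic against dunder access; pass False only for templates from trusted sources`. The `validate_template` lines at the top of the hunk are unaffected; the docstring belongs to `render_template`, whose body continues past the hunk.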
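Review bot: The guard `if safe_render and ".__" in template:` is still a plain substring test on the template text, so it recognises only templates that spell dunder access with a literal `.__` and is not a substitute for rendering untrusted templates in a `jinja2.sandbox.SandboxedEnvironment`; that limitation should be visible at the check itself, not only in the docstring. Suggested comment above the `if`: `# heuristic only: blocks the literal ".__" spelling of dunder access, not every route to it; untrusted templates need a sandboxed environment`. It may also be worth considering, outside this commit, whether calls that disable the check should log the caller so an audit can see where unguarded rendering happens. `render_template` starts before this hunk.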