Merge pull request #7971 from adityahase/fix-jinja-2-develop

fix(security): Make jinja rendering tighter
2019-07-24 18:46:58 +05:30 · 2019-07-24 18:46:58 +05:30 · eb03d9bbb2
commit eb03d9bbb2
parent 87f41b8b0e d70d2c5a29
1 changed files with 1 additions and 1 deletions
--- a/frappe/utils/jinja.py
+++ b/frappe/utils/jinja.py
@ -71,7 +71,7 @@ def render_template(template, context, is_path=None, safe_render=True):
 		or (template.endswith('.html') and '\n' not in template)):
 		return get_jenv().get_template(template).render(context)
 	else:
-		if safe_render and ".__" in template:
+		if safe_render and "__" in template:
 			throw("Illegal template")
 		try:
 			return get_jenv().from_string(template).render(context)