From d70d2c5a29d4b8fff9d492f50c31afd0a3c06abe Mon Sep 17 00:00:00 2001
From: Aditya Hase
Date: Wed, 24 Jul 2019 16:30:33 +0530
Subject: [PATCH] fix(security): Make jinja rendering tighter
---
 frappe/utils/jinja.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/frappe/utils/jinja.py b/frappe/utils/jinja.py
index 7a27fb3c3b..f8745b82c3 100644
--- a/frappe/utils/jinja.py
+++ b/frappe/utils/jinja.py
@@ -71,7 +71,7 @@ def render_template(template, context, is_path=None, safe_render=True):
 or (template.endswith('.html') and '\n' not in template)):
 return get_jenv().get_template(template).render(context)
 else:
- if safe_render and ".__" in template:
+ if safe_render and "__" in template:
 throw("Illegal template")
 try:
 return get_jenv().from_string(template).render(context)
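Review bot: The widened check on the `if safe_render and "__" in template:` line is still a substring denylist over the template source, so it cannot see attribute names that are only assembled when the template renders, and it will now reject harmless templates whose text merely contains a double underscore (a `____` signature rule, `__bold__` markdown). `get_jenv()` is defined outside this hunk; if it does not already return a `jinja2.sandbox.SandboxedEnvironment`, that is where the restriction belongs, because the sandbox refuses underscore-prefixed attributes at lookup time instead of by text matching. I would keep this line only as defence in depth and say so in a comment, e.g. `# denylist is a coarse pre-filter; attribute access must be enforced by the sandboxed environment`. Callers passing `safe_render=False` and the `get_template` branch above skip the check entirely, so they need to be limited to trusted template sources. The body of render_template starts and ends outside the hunk.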