Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: TemplatePage.can_render [v13] #20261

Merged
merged 1 commit into from
Mar 6, 2023
Merged

fix: TemplatePage.can_render [v13] #20261

merged 1 commit into from
Mar 6, 2023

Conversation

gavindsouza
Copy link
Collaborator

v13 port of #20257, previously attempted by #12453

Don't render python executable/loadable files. This restricts access to reading/downloading possibly private Python source code from Frappe applications

@gavindsouza
fix: TemplatePage.can_render
1e76b85 
Don't render python executable/loadable files from TemplatePage
renderer. This restricts access to reading/downloading possibly
private Python source code from Frappe applications
@gavindsouza gavindsouza requested a review from a team as a code owner March 6, 2023 07:39
@gavindsouza gavindsouza requested review from phot0n and removed request for a team March 6, 2023 07:39
@gavindsouza gavindsouza changed the title fix: TemplatePage.can_render fix: TemplatePage.can_render [v13] Mar 6, 2023
@ankush ankush merged commit 2b10d6b into frappe:version-13-hotfix Mar 6, 2023
frappe-pr-bot pushed a commit that referenced this pull request Mar 8, 2023
@frappe-bot
chore(release): Bumped to Version 13.51.0
136c6c7 
# [13.51.0](v13.50.3...v13.51.0) (2023-03-08)

### Bug Fixes

* **DX:** better error message for notification from reference doctype ([c856e7b](c856e7b))
* **print:** Overflow wrap anywhere if a long word is found ([37f1870](37f1870))
* Remove fallback empty string for value ([3c2d853](3c2d853))
* Run after_hooks only if site is initialized ([#20207](#20207)) ([bcb0d29](bcb0d29))
* TemplatePage.can_render ([#20261](#20261)) ([2b10d6b](2b10d6b))
* Use `word-break` property for print media to avoid overflow ([0ed25cd](0ed25cd))
* Use double quotes in template to avoid failure ([943ae52](943ae52))

### Features

* **Calendar:** Add a new option `convertToUserTz` to address timezone inconsistencies (backport [#20051](#20051)) ([#20133](#20133)) ([2af957a](2af957a))
@frappe-pr-bot
Copy link
Collaborator

🎉 This PR is included in version 13.51.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ankush ankush ankush approved these changes

@phot0n phot0n Awaiting requested review from phot0n phot0n is a code owner automatically assigned from frappe/frappe-review-team

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@gavindsouza @frappe-pr-bot @ankush