Python: Unsafe input handling #6003

eavanvalkenburg · 2024-04-25T12:47:43Z

Motivation and Context

Implements dealing with unsafe content, by doing HTML parsing on variables and function results.

Closes: #5889

Description

Adds parameter allow_dangerously_set_content to:

InputVariable
PromptTemplateConfig
PromptTemplateBase

The behavior is that if the flag is set to True on the template itself (KernelPromptTemplate, Jinja2PromptTemplate or HandlebarsPromptTemplate) the behavior is the same, no encoding is done on inputs.

Otherwise:

variables are encoded by default, this can be switched off using the InputVariables class for that variable.
function output is encoded by default, this can be switched off using the flag in the PromptTemplateConfig, this is not yet possible to do on a per function basis.

Contribution Checklist

The code builds clean without any errors or warnings
The PR follows the SK Contribution Guidelines and the pre-submission formatting script raises no violations
All unit tests pass, and I have added new tests where possible
I didn't break anyone 😄

markwallace-microsoft · 2024-04-25T12:50:15Z

Python 3.10 Test Coverage Report •

File	Stmts	Miss	Cover	Missing
semantic_kernel
kernel.py	314	57	82%	123, 125, 183–186, 188–192, 194–197, 204, 211–220, 257–260, 270–275, 280, 284–287, 380–416, 535–536, 763, 784–786, 822, 824, 834
semantic_kernel/contents
streaming_chat_message_content.py	84	2	98%	193–194
text_content.py	22	2	91%	40, 47
semantic_kernel/functions
kernel_function.py	73	2	97%	142, 161
kernel_function_from_prompt.py	163	5	97%	171, 197, 294, 310, 364
semantic_kernel/planners/sequential_planner
sequential_planner.py	65	6	91%	69, 73, 104, 120, 129–130
semantic_kernel/prompt_template
jinja2_prompt_template.py	44	3	93%	62–64
kernel_prompt_template.py	85	3	96%	119–121
prompt_template_config.py	51	6	88%	39, 47, 68, 73–74, 82
semantic_kernel/prompt_template/utils
handlebars_system_helpers.py	93	3	97%	16, 43–44
jinja2_system_helpers.py	48	3	94%	15, 45, 50
semantic_kernel/template_engine/blocks
code_block.py	70	1	99%	130
TOTAL	6089	1061	83%

Python 3.10 Unit Test Overview

Tests	Skipped	Failures	Errors	Time
1278	1 💤	0 ❌	0 🔥	14.816s ⏱️

python/tests/unit/prompt_template/test_prompt_template_e2e.py

python/tests/unit/contents/test_chat_history.py

python/semantic_kernel/prompt_template/prompt_template_base.py

python/tests/unit/prompt_template/test_prompt_template_e2e.py

eavanvalkenburg added 10 commits April 25, 2024 09:09

WIP in new cmc

616c7a0

New CMC and function call content

16549d4

update to GP

1e56e6a

fixed tests and some samples

604d09c

tests covered

97b37bf

update pre-commit

6d06158

updated sample

c3027d4

updated integration tests

030c470

basics of unsafe parsing implemented

3ab7ab4

Merge remote-tracking branch 'upstream/main' into unsafe_input

f01580d

eavanvalkenburg requested a review from a team as a code owner April 25, 2024 12:47

markwallace-microsoft added the python Pull requests for the Python Semantic Kernel label Apr 25, 2024

eavanvalkenburg marked this pull request as draft April 25, 2024 14:04

eavanvalkenburg added 2 commits April 25, 2024 16:07

WIP

e43b8ff

Merge remote-tracking branch 'upstream/main' into unsafe_input

603e2a0

eavanvalkenburg force-pushed the unsafe_input branch from d084027 to 603e2a0 Compare May 13, 2024 07:19

refined unsafe content

32ce451

eavanvalkenburg marked this pull request as ready for review May 13, 2024 11:18

markwallace-microsoft added the documentation label May 13, 2024

eavanvalkenburg added 2 commits May 13, 2024 13:19

Merge remote-tracking branch 'upstream/main' into unsafe_input

853fad5

removed Self

dd90ead

markwallace-microsoft reviewed May 13, 2024

View reviewed changes

python/tests/unit/prompt_template/test_prompt_template_e2e.py Outdated Show resolved Hide resolved

eavanvalkenburg added 2 commits May 14, 2024 12:33

added safe tests e2e

9bad529

Merge remote-tracking branch 'upstream/main' into unsafe_input

1aa798a

moonbox3 approved these changes May 14, 2024

View reviewed changes

eavanvalkenburg and others added 2 commits May 14, 2024 15:52

Merge branch 'main' into unsafe_input

cd566ca

updated name of parameter

3cde728

eavanvalkenburg enabled auto-merge May 15, 2024 07:15

markwallace-microsoft reviewed May 15, 2024

View reviewed changes

eavanvalkenburg added 3 commits May 15, 2024 14:20

updated tests and improvement in xml parsing

43cf27c

test fixes

c50f36c

Merge remote-tracking branch 'upstream/main' into unsafe_input

9a0011d

markwallace-microsoft approved these changes May 16, 2024

View reviewed changes

eavanvalkenburg added this pull request to the merge queue May 16, 2024

Merged via the queue into microsoft:main with commit 08bcc80 May 16, 2024
25 checks passed

eavanvalkenburg deleted the unsafe_input branch May 16, 2024 13:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Python: Unsafe input handling #6003

Python: Unsafe input handling #6003

eavanvalkenburg commented Apr 25, 2024 •

edited

Loading

markwallace-microsoft commented Apr 25, 2024 •

edited

Loading

Python: Unsafe input handling #6003

Python: Unsafe input handling #6003

Conversation

eavanvalkenburg commented Apr 25, 2024 • edited Loading

Motivation and Context

Description

Contribution Checklist

markwallace-microsoft commented Apr 25, 2024 • edited Loading

Python 3.10 Unit Test Overview

eavanvalkenburg commented Apr 25, 2024 •

edited

Loading

markwallace-microsoft commented Apr 25, 2024 •

edited

Loading