Permalink
Browse files

chore: add configuration for EJS includes limit

  • Loading branch information...
operatino committed Sep 20, 2015
1 parent f5dc7ec commit 823f37788e5b3b4bf9e530da5e09eaebfc6ce474
Showing with 16 additions and 19 deletions.
  1. +0 −4 core/auth.js
  2. +7 −1 core/ejsHelpers.js
  3. +1 −3 core/middlewares/clarify.js
  4. +1 −2 core/middlewares/read.js
  5. +3 −8 core/middlewares/wrap.js
  6. +4 −1 options.js
View
@@ -65,8 +65,6 @@ module.exports = function(app) {
app.get('/auth/stub', function (req, res) {
res.send(ejs.render(authTemplate, {
user: JSON.stringify({})
}, {
sandbox: global.pathToApp
}));
});
@@ -75,8 +73,6 @@ module.exports = function(app) {
res.send(ejs.render(authTemplate, {
user: JSON.stringify(getUser(currentUserId))
}, {
sandbox: global.pathToApp
}));
});
View
@@ -102,7 +102,7 @@ ejs.render = function(template, data, options){
// No options object -- if there are optiony names
// in the data, copy them to options
if (arg=uments.length == 2) {
if (arguments.length === 2) {
cpOptsInData(data, options);
}
@@ -111,5 +111,11 @@ ejs.render = function(template, data, options){
includeFiles: includeFiles(data, options)
});
if (global.opts.core.sandboxIncludes) {
_.assign(options, {
sandbox: global.pathToApp
});
}
return originalRenderer(template, data, options);
};
@@ -312,9 +312,7 @@ module.exports.process = function(req, res, next) {
var html = '';
try {
html = ejs.render(tpl, templateJSON, {
sandbox: global.pathToApp
});
html = ejs.render(tpl, templateJSON);
} catch (err) {
var msg = 'Clarify: ERROR with EJS rendering failed';
View
@@ -84,8 +84,7 @@ exports.process = function(req, res, next) {
engineVersion: global.engineVersion,
info: specInfo
}, {
filename: physicalPath,
sandbox: global.pathToApp
filename: physicalPath
});
} catch(err){
global.log.warn('Could not pre-render spec with EJS: ' + req.path, err);
View
@@ -82,10 +82,7 @@ exports.process = function (req, res, next) {
};
try {
templateJSON.header = ejs.render(heagerFooter.header, templateJSON, {
filename: heagerFooter.headerPath,
sandbox: global.pathToApp
});
templateJSON.header = ejs.render(heagerFooter.header, templateJSON);
} catch(err){
var headerMsg = 'Error: EJS could render header template: ' + heagerFooter.headerPath;
templateJSON.header = headerMsg;
@@ -94,8 +91,7 @@ exports.process = function (req, res, next) {
try {
templateJSON.footer = ejs.render(heagerFooter.footer, templateJSON, {
filename: heagerFooter.footerPath,
sandbox: global.pathToApp
filename: heagerFooter.footerPath
});
} catch(err){
var footerMsg = 'Error: EJS could render footer template: ' + heagerFooter.footerPath;
@@ -106,8 +102,7 @@ exports.process = function (req, res, next) {
// render page and send it as response
try {
req.specData.renderedHtml = ejs.render(template, templateJSON, {
filename: templatePath,
sandbox: global.pathToApp
filename: templatePath
});
} catch(err){
req.specData.renderedHtml = 'Error rendering Spec with EJS: ' + template;
View
@@ -67,7 +67,10 @@ module.exports = {
// Anonymous user statistics tracking.
// Used to get insights about the community and improve engine usage experience.
enabled: true
}
},
// Limits EJS includes, allowing only files in project root
sandboxIncludes: true
},
// Page rendering configuration (redefinable from context options)

0 comments on commit 823f377

Please sign in to comment.