I want to include a file that could have unsanitized user input i.e. {{include "example.txt"}}. But if templates are enabled then all template placeholders in that file are parsed as well (even if templates aren’t configured to parse that file as a template), which is very dangerous. Is there a way to safely include raw without parsing templates?
1 Like
Good question, I wonder if there’s some sort of way to use raw strings:
{{`untrusted`}}
Maybe through the use of printf…
This topic was automatically closed after 30 days. New replies are no longer allowed.