[Templates] Restricting access when RELATIVE is on
Mihai Bazon
mishoo@dynarch.com
Sat, 13 Jan 2007 14:34:35 +0200
Nevermind... looks like RELATIVE doesn't do what I need anyway. :-(
I have this:
INCLUDE_PATH => '/foo'
/foo/bar/index.tt
/foo/bar/baz/other.tt
And in index.tt I want to be able to say:
[% PROCESS baz/other.tt %]
that is, provide a path relative to the directory of the current template.
Now, RELATIVE seems to allow paths relative to the CWD at the time the
Template object was created (which in my case is "/").
Thanks,
-M.
Mihai Bazon wrote:
> Hi folks,
>
> I'd like to use the RELATIVE option since it makes it easier to
> specify template names in code, but is it possible to restrict access
> to a certain directory?
>
> I.e., all templates are in /opt/foo/templates(/...) and I don't want
> to allow someone to say PROCESS '../../../etc/passwd' or something
> like this. Basically TT should be jailed in /opt/foo/templates.
>
> Hints?
>
> Thanks,
> -M.
>
> _______________________________________________
> templates mailing list
> templates@template-toolkit.org
> http://lists.template-toolkit.org/mailman/listinfo/templates