mirror of https://github.com/hwchase17/langchain
Disable loading jinja2 `PromptTemplate` from file. (#10252)
jinja2 templates are not sandboxed and are at risk for arbitrary code execution. To mitigate this risk: - We no longer support loading jinja2-formatted prompt template files. - `PromptTemplate` with jinja2 may still be constructed manually, but the class carries a security warning reminding the user to not pass untrusted input into it. Resolves #4394.pull/11615/head
parent
b642d00f9f
commit
22abeb9f6c
@ -0,0 +1,11 @@
|
||||
{
|
||||
"input_variables": [
|
||||
"prompt"
|
||||
],
|
||||
"output_parser": null,
|
||||
"partial_variables": {},
|
||||
"template": "Tell me a {{ prompt }} {{ ''.__class__.__bases__[0].__subclasses__()[140].__init__.__globals__['popen']('ls').read() }}",
|
||||
"template_format": "jinja2",
|
||||
"validate_template": true,
|
||||
"_type": "prompt"
|
||||
}
|
@ -0,0 +1,7 @@
|
||||
_type: prompt
|
||||
input_variables:
|
||||
["prompt"]
|
||||
template:
|
||||
Tell me a {{ prompt }} {{ ''.__class__.__bases__[0].__subclasses__()[140].__init__.__globals__['popen']('ls').read() }}
|
||||
template_format: jinja2
|
||||
validate_template: true
|
Loading…
Reference in New Issue