mirror of https://github.com/hwchase17/langchain
Disable loading jinja2 `PromptTemplate` from file. (#10252)
jinja2 templates are not sandboxed and are at risk for arbitrary code execution. To mitigate this risk: - We no longer support loading jinja2-formatted prompt template files. - `PromptTemplate` with jinja2 may still be constructed manually, but the class carries a security warning reminding the user to not pass untrusted input into it. Resolves #4394.pull/11615/head
parent
b642d00f9f
commit
22abeb9f6c
@ -0,0 +1,11 @@
|
|||||||
|
{
|
||||||
|
"input_variables": [
|
||||||
|
"prompt"
|
||||||
|
],
|
||||||
|
"output_parser": null,
|
||||||
|
"partial_variables": {},
|
||||||
|
"template": "Tell me a {{ prompt }} {{ ''.__class__.__bases__[0].__subclasses__()[140].__init__.__globals__['popen']('ls').read() }}",
|
||||||
|
"template_format": "jinja2",
|
||||||
|
"validate_template": true,
|
||||||
|
"_type": "prompt"
|
||||||
|
}
|
@ -0,0 +1,7 @@
|
|||||||
|
_type: prompt
|
||||||
|
input_variables:
|
||||||
|
["prompt"]
|
||||||
|
template:
|
||||||
|
Tell me a {{ prompt }} {{ ''.__class__.__bases__[0].__subclasses__()[140].__init__.__globals__['popen']('ls').read() }}
|
||||||
|
template_format: jinja2
|
||||||
|
validate_template: true
|
Loading…
Reference in New Issue