(Mar-22-2022, 05:29 PM)Skaperen Wrote: i want to protect more than just the system. for example, a web server in Python running some untrusted code with a call to "exit()". preventing this was my first thought.
danthedeckie Wrote:Or if you want to allow simple formulae in a web application, but don't want to give full eval() access,That's one usage case.
or don't want to run in javascript on the client side
Maybe your doing stuff you should not do in first placeš„
Don't know if you have looked into Template engine as eg Jinja .
Has safe way to render code on server and also call stuff tough macros.
jinja Wrote:
- Template inheritance and inclusion.
- Define and import macros within templates.
- HTML templates can use autoescaping to prevent XSS from untrusted user input.
- A sandboxed environment can safely render untrusted templates.
.....