jinja2.sandbox.SandboxedEnvironment

class jinja2.sandbox.SandboxedEnvironment(*args, **kwargs)[source]

The sandboxed environment. It works like the regular environment but tells the compiler to generate sandboxed code. Additionally subclasses of this environment may override the methods that tell the runtime what attributes or functions are safe to access.

If the template tries to access insecure code a SecurityError is raised. However also other exceptions may occour during the rendering so the caller has to ensure that all exceptions are catched.

Methods

__init__(*args, **kwargs)
add_extension(extension) Adds an extension after the environment was created.
call(_SandboxedEnvironment__self, ...) Call an object from sandboxed code.
call_binop(context, operator, left, right) For intercepted binary operator calls (intercepted_binops()) this function is executed instead of the builtin operator.
call_filter(name, value[, args, kwargs, ...]) Invokes a filter on a value the same way the compiler does it.
call_test(name, value[, args, kwargs]) Invokes a test on a value the same way the compiler does it.
call_unop(context, operator, arg) For intercepted unary operator calls (intercepted_unops()) this function is executed instead of the builtin operator.
compile(source[, name, filename, raw, ...]) Compile a node or template source code.
compile_expression(source[, undefined_to_none]) A handy helper method that returns a callable that accepts keyword arguments that appear as variables in the expression.
compile_templates(target[, extensions, ...]) Finds all the templates the loader can find, compiles them and stores them in target.
extend(**attributes) Add the items to the instance of the environment if they do not exist yet.
from_string(source[, globals, template_class]) Load a template from a string.
get_or_select_template(template_name_or_list) Does a typecheck and dispatches to select_template() if an iterable of template names is given, otherwise to get_template().
get_template(name[, parent, globals]) Load a template from the loader.
getattr(obj, attribute) Subscribe an object from sandboxed code and prefer the attribute.
getitem(obj, argument) Subscribe an object from sandboxed code.
handle_exception([exc_info, rendered, ...]) Exception handling helper.
intercept_unop(operator) Called during template compilation with the name of a unary operator to check if it should be intercepted at runtime.
is_safe_attribute(obj, attr, value) The sandboxed environment will call this method to check if the attribute of an object is safe to access.
is_safe_callable(obj) Check if an object is safely callable.
iter_extensions() Iterates over the extensions by priority.
join_path(template, parent) Join a template with the parent.
lex(source[, name, filename]) Lex the given sourcecode and return a generator that yields tokens as tuples in the form (lineno, token_type, value).
list_templates([extensions, filter_func]) Returns a list of templates for this environment.
make_globals(d) Return a dict for the globals.
overlay([block_start_string, ...]) Create a new overlay environment that shares all the data with the current environment except for cache and the overridden attributes.
parse(source[, name, filename]) Parse the sourcecode and return the abstract syntax tree.
preprocess(source[, name, filename]) Preprocesses the source with all extensions.
select_template(names[, parent, globals]) Works like get_template() but tries a number of templates before it fails.
unsafe_undefined(obj, attribute) Return an undefined object for unsafe attributes.

Attributes

default_binop_table default callback table for the binary operators. A copy of this is
default_unop_table default callback table for the unary operators. A copy of this is
exception_formatter
exception_handler
intercepted_binops a set of binary operators that should be intercepted. Each operator
intercepted_unops a set of unary operators that should be intercepted. Each operator
lexer The lexer for this environment.
linked_to
overlayed
sandboxed
shared