StackStorm/st2

Add 'shell_escape' Jinja filter

Open

#3564 opened on Jul 11, 2017

View on GitHub
 (2 comments) (4 reactions) (1 assignee)Python (5,794 stars) (740 forks)batch import
complexity:easyfeaturegood first issue

Description

Hello Team,

I have tried to use local shell command to print the long string contains special characters. However it failed with below error as the output contains non-standard characters. It would be good if we can add shell_escape Jinja filter: https://docs.stackstorm.com/reference/jinja.html#applying-filters-with-jinja to handle cases like that when "dangerous" string is passed to shell command.

Failure error: bash: line 10: ok:: command not found bash: line 12: TASK: command not found bash: line 13: {: Permission denied bash: line 14: msg:: command not found

Contributor guide

Tech stack
python
Domain
backendsecurity
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
half day
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
PythonJinja2 templatingShell escaping
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
55
Research direction
Examine the existing Jinja filter implementation in the StackStorm codebase (likely in st2common/filters.py or similar). Look at the documentation linked for the shell escape filter pattern. Check if the assignee has made any progress or if there is a related branch. Consider implementing a filter that escapes shell metacharacters using Python's shlex.quote or similar. Create a new filter function and register it.