Add 'shell_escape' Jinja filter · StackStorm/st2#3564

(2 留言) (4 反應) (1 負責人)Python (5,794 star) (740 fork)batch import

complexity:easyfeaturegood first issue

描述

Hello Team,

I have tried to use local shell command to print the long string contains special characters. However it failed with below error as the output contains non-standard characters. It would be good if we can add shell_escape Jinja filter: https://docs.stackstorm.com/reference/jinja.html#applying-filters-with-jinja to handle cases like that when "dangerous" string is passed to shell command.

Failure error: bash: line 10: ok:: command not found bash: line 12: TASK: command not found bash: line 13: {: Permission denied bash: line 14: msg:: command not found

貢獻者指南

技術棧: python
領域: backendsecurity
議題類型: feature
難度: 3
預計時間: half day
活動狀態: stale
清晰度: clear
前置要求: PythonJinja2 templatingShell escaping
新手友善度: 55
研究方向: Examine the existing Jinja filter implementation in the StackStorm codebase (likely in st2common/filters.py or similar). Look at the documentation linked for the shell escape filter pattern. Check if the assignee has made any progress or if there is a related branch. Consider implementing a filter that escapes shell metacharacters using Python's shlex.quote or similar. Create a new filter function and register it.