documentation update

--HG--
branch : trunk
diff --git a/docs/sandbox.rst b/docs/sandbox.rst
new file mode 100644
index 0000000..a919df8
--- /dev/null
+++ b/docs/sandbox.rst
@@ -0,0 +1,27 @@
+Sandbox
+=======
+
+The Jinja2 sandbox can be used to evaluate untrusted code.  Access to unsafe
+attributes and methods is prohibited.
+
+Assuming `env` is a :class:`SandboxedEnvironment` in the default configuration
+the following piece of code shows how it works:
+
+>>> env.from_string("{{ func.func_code }}").render(func=lambda:None)
+u''
+>>> env.from_string("{{ func.func_code.do_something }}").render(func=lambda:None)
+Traceback (most recent call last):
+  ...
+SecurityError: access to attribute 'func_code' of 'function' object is unsafe.
+
+
+.. module:: jinja2.sandbox
+
+.. autoclass:: SandboxedEnvironment([options])
+    :members: is_safe_attribute, is_safe_callable
+
+.. autoexception:: SecurityError
+
+.. autofunction:: unsafe
+
+.. autofunction:: is_internal_attribute
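Review bot: The two doctest examples in docs/sandbox.rst behave differently and the prose never says why: `{{ func.func_code }}` renders as `u''` with no error, while `{{ func.func_code.do_something }}` raises `SecurityError`. A reader who sees "Access to unsafe attributes and methods is prohibited" followed by a silent empty render may conclude that the first access was allowed, or that the sandbox never signals a blocked lookup unless the template chains another attribute. Add a sentence before the examples stating that a blocked attribute renders as an empty string on its own and that the exception is raised only when the result is used further, and say whether callers should rely on the exception or on the empty output when auditing untrusted templates. Two smaller points: `env` is used without being constructed, so a one-line setup such as `>>> env = SandboxedEnvironment()` with its import would make the doctest self-contained; and `.. module:: jinja2.sandbox` sits below the `:class:` reference to `SandboxedEnvironment`, so moving it directly under the title would let that cross-reference resolve. The section also lists `unsafe`, `is_safe_attribute` and `is_safe_callable` without a sentence on what the default configuration treats as unsafe or how to extend it, which is what someone deploying the sandbox will look for first.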