🐛 Improve expression security

This commit is contained in:
Jan Oberhauser 2021-11-21 23:13:40 +01:00
parent be6ab8de13
commit 574e07f1f6

View file

@ -117,6 +117,8 @@ export class Expression {
// Execute the expression // Execute the expression
try { try {
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
tmpl.tmpl('{{global=this;}}', data);
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
const returnValue = tmpl.tmpl(parameterValue, data); const returnValue = tmpl.tmpl(parameterValue, data);
if (typeof returnValue === 'function') { if (typeof returnValue === 'function') {