Fix Jinja2 template rendering with autoescape enabled (#690)

* add autoescape true * Update initial_commit.py with space * Update initial_commit.py Add autoescape=True to avoid XSS
awslabs · Apr 5, 2024 · 74e88b8 · 74e88b8
1 parent e02ccae
commit 74e88b8
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/...trap_repository/adf-bootstrap/deployment/lambda_codebase/initial_commit/initial_commit.py b/...trap_repository/adf-bootstrap/deployment/lambda_codebase/initial_commit/initial_commit.py
@@ -510,7 +510,7 @@ def get_files_to_commit(directory_path: Path) -> List[FileToCommit]:
 def create_adf_config_file(props: CustomResourceProperties) -> FileToCommit:
     template = HERE / "adfconfig.yml.j2"
     adf_config = (
-        jinja2.Template(template.read_text(), undefined=jinja2.StrictUndefined)
+        jinja2.Template(template.read_text(), undefined=jinja2.StrictUndefined , autoescape=True)
         .render(vars(props))
         .encode()
     )

diff --git a/src/lambda_codebase/initial_commit/initial_commit.py b/src/lambda_codebase/initial_commit/initial_commit.py
@@ -555,7 +555,7 @@ def create_adf_config_file(
 ) -> FileToCommit:
     template = HERE / input_file_name
     adf_config = (
-        jinja2.Template(template.read_text(), undefined=jinja2.StrictUndefined)
+        jinja2.Template(template.read_text(), undefined=jinja2.StrictUndefined, autoescape=True)
         .render(vars(props))
         .encode()
     )