MCPcopy
hub / github.com/OpenBMB/UltraRAG / _safe_render

Function _safe_render

servers/prompt/src/prompt.py:74–95  ·  view source on GitHub ↗

Safely render a template with escaped user inputs. Args: template: Jinja2 Template object **kwargs: Template variables (will be escaped if strings) Returns: Rendered template string

(template: Template, **kwargs: Any)

Source from the content-addressed store, hash-verified

72
73
74def _safe_render(template: Template, **kwargs: Any) -> str:
75 """Safely render a template with escaped user inputs.
76
77 Args:
78 template: Jinja2 Template object
79 **kwargs: Template variables (will be escaped if strings)
80
81 Returns:
82 Rendered template string
83 """
84 # Escape all string inputs to prevent XSS and injection
85 safe_kwargs = {}
86 for key, value in kwargs.items():
87 if isinstance(value, str):
88 safe_kwargs[key] = escape(value)
89 elif isinstance(value, list):
90 # Escape string items in lists
91 safe_kwargs[key] = [escape(str(item)) if isinstance(item, str) else item for item in value]
92 else:
93 safe_kwargs[key] = value
94
95 return template.render(**safe_kwargs)
96
97
98@app.prompt(output="q_ls,template->prompt_ls")

Callers 15

qa_boxedFunction · 0.85
qa_with_memoryFunction · 0.85
qa_boxed_multiple_choiceFunction · 0.85
qa_rag_boxedFunction · 0.85
qa_rag_with_memoryFunction · 0.85
RankCoT_krFunction · 0.85
RankCoT_qaFunction · 0.85
ircot_next_promptFunction · 0.85
webnote_init_pageFunction · 0.85
webnote_gen_planFunction · 0.85
webnote_gen_subqFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected