Can anyone point me in the direction of a template engine I could use that would be safe/secure to let customers edit templates in?I'd like to provide a template syntax as part of a CMS I am developing, where I provide a context with some objects customers can access and they use this to write their own templates.What I'm considering so far:liquid-nodeThis looks good, downside is it also looks a bit dated and hasn't had any work done on it in over a year from what I can tell, but it does explicitly state the goal as to what I'm looking for.liquidjsSimilar to above but more recent development, not sure if it is as secure though as it doesn't state anywhere explicitly that the intention is to be customer safe.HandlebarsLogicless and simple - would it be ok to execute customer templates server side?MustacheEven less logic than above. Could this be a safe bet?
Submitted December 19, 2018 at 10:13AM by deathtostackoverflow
No comments:
Post a Comment