mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-30 20:39:39 +02:00
[pitboss] phase 04: Track J.2 + Track L.2 — SSTI corpus + Jinja2 / ERB / Twig / Thymeleaf / Handlebars adapters
This commit is contained in:
parent
b5e6dddf2c
commit
8583b29796
34 changed files with 1868 additions and 29 deletions
14
tests/dynamic_fixtures/ssti/php_twig/benign.php
Normal file
14
tests/dynamic_fixtures/ssti/php_twig/benign.php
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
<?php
|
||||
// Phase 04 (Track J.2) — PHP Twig benign control fixture.
|
||||
//
|
||||
// Renders a fixed template that interpolates the user value as a
|
||||
// variable; the body never reaches the template compiler.
|
||||
use Twig\Environment;
|
||||
use Twig\Loader\ArrayLoader;
|
||||
|
||||
function run(string $body): string {
|
||||
$twig = new Environment(new ArrayLoader([
|
||||
'page' => '{{ safe_body }}',
|
||||
]));
|
||||
return $twig->render('page', ['safe_body' => $body]);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue