Add a warning for Jython users who don't get to see if their code is …

…safe.
cerezo · Jun 21, 2011 · 5a635e8 · 5a635e8
1 parent e75911f
commit 5a635e8
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/web/template.py b/web/template.py
@@ -923,6 +923,9 @@ def get_source_line(filename, lineno):
             import compiler
             ast = compiler.parse(code)
             SafeVisitor().walk(ast, filename)
+        else:
+            import warnings
+            warnings.warn("SECURITY ISSUE: You are using Jython, which does not support checking templates for safety. Your templates can execute arbitrary code.")
 
         return compiled_code