Merge pull request #2328 from cbxcvl/fix/parse-if-redos

fix(renderer): remove ambiguous \s* from _parse_if regex to prevent ReDoS
2026-05-11 17:08:27 +08:00 · 2026-03-31 02:52:27 +02:00
parent 90a5dd1cd8 6e71050593
commit a4b7a693e5
1 changed files with 1 additions and 1 deletions
@@ -359,7 +359,7 @@ class TemplateRenderer:
            condition_part = condition_part[4:].strip()

        # Extract expression from {{ ... }} if present
-        expr_match = re.match(r'\{\{\s*(.+?)\s*\}\}', condition_part)
+        expr_match = re.match(r'\{\{(.+?)\}\}', condition_part)
        if expr_match:
            condition_expr = expr_match.group(1).strip()
        else: