Add an option to block inputted Jinja from rendering on workflow load
Alex Steele
Currently, Jinja expressions in inputs are automatically rendered when the workflow loads. This creates a risk of unintended Jinja injection, especially when handling data from external sources or URL parameters.
To improve security and control, it would be helpful to have an option that prevents inputted Jinja from being evaluated immediately upon workflow execution.
Log In
Ethan Oscini
In my opinion this is really important for App Builder. I'm holding off on using the App Builder until something like this is implemented, or other Jinja injection preventions, as this could easily be used as an attack vector