This documentation is archived and is not being maintained.

Security of Text Templates 

Text templates have the following security concerns:

  • A text template can contain arbitrary code, and that code is executed, with the privileges of the transforming process, whenever the template is transformed.

  • If the mechanism that the host uses to find a directive processor is not secure, a malicious directive processor could be run.

Arbitrary Code

When you write a template, you can put any code within the <# #> tags (the same applies to <#= #> expression blocks and <#+ #> class feature blocks). That code is compiled into the generated transformation class and run by the host, so transforming a template executes arbitrary code with the full permissions of the process that performs the transformation, for example Visual Studio, TextTransform.exe, or a custom host.

Treat a template as you would an executable. Obtain templates only from sources you trust, review the code in their code blocks before you transform them, and warn end users not to transform templates they receive from untrusted sources.

Malicious Directive Processor

The text template transformation process takes a text template file as the input, and produces a new text file as the output. The engine component controls the process, and interacts with a text template transformation host and one or more text template directive processors to complete the process. For more information, see Architecture of the Text Template Transformation Process.

When a template contains a custom directive, the engine asks the host to resolve the named directive processor (through the host's ResolveDirectiveProcessor method) and then loads and runs it. If the mechanism that the host uses to find a directive processor is not secure, for example if it probes a user-writable folder or the template's own directory for an assembly with a matching name, a malicious directive processor could be run. The malicious directive processor could provide code that is run in FullTrust mode when the template is run. If you create a custom text template transformation host, you must use a secure mechanism to locate directive processors, such as registry keys that only administrators can write, or an allow-list of processor names and assemblies built into the host, and you must reject any processor name that is not registered.
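The two concerns above, arbitrary code in code blocks and directive processors named by the template, can both be triaged before a template is ever transformed. The following script is an added example, not part of the T4 engine or of this documentation: it parses a .tt file, lists every code block (all of which would run), reports directives that name a directive processor and checks them against an allow-list the host is assumed to use, and flags a constructed watch-list of risky .NET APIs. The sample templates, the allow-list, and the API list are constructed for the example; the helper names (triage_template, requires_review) are hypothetical.

```python
"""Static triage of T4 text templates before transformation (added example).

This does not execute the template. It reports what a transformation would
execute: every code block, every directive processor the host would load,
and every assembly or include pulled in from outside the template.
"""
import re
from dataclasses import dataclass, field

# T4 block openers: <#@ directive, <#+ class feature, <#= expression, <# statement.
# DOTALL so that blocks may span lines. Heuristic: a literal "#>" inside a
# string in a code block would end the match early.
BLOCK_RE = re.compile(r"<#(?P<kind>[@+=]?)(?P<body>.*?)#>", re.DOTALL)

# name="value" attribute pairs inside a directive.
ATTR_RE = re.compile(r'(\w+)\s*=\s*"([^"]*)"')

# Constructed watch-list of APIs that have no business in a code generator
# received from an untrusted source. A triage heuristic, not a sandbox.
RISKY_APIS = (
    "Process.Start", "System.Diagnostics.Process", "Registry.",
    "Assembly.Load", "DllImport", "WebClient", "HttpClient",
    "File.Delete", "Directory.Delete", "Environment.GetEnvironmentVariable",
)


@dataclass
class Finding:
    kind: str    # code | processor | processor-unexpected | assembly | include | risky-api
    detail: str


@dataclass
class Report:
    findings: list = field(default_factory=list)

    def by_kind(self, kind):
        return [f.detail for f in self.findings if f.kind == kind]


def triage_template(text, known_processors=()):
    """Return a Report for template source `text`.

    `known_processors` is the allow-list of directive processor names the
    host is assumed to resolve; any other name is reported as unexpected.
    """
    report = Report()
    for m in BLOCK_RE.finditer(text):
        kind, body = m.group("kind"), m.group("body").strip()
        if kind == "@":
            # Directive: first token is the directive name, the rest are attributes.
            parts = re.split(r"\s+", body, maxsplit=1)
            name = parts[0]
            attrs = dict(ATTR_RE.findall(parts[1] if len(parts) > 1 else ""))
            if "processor" in attrs:
                proc = attrs["processor"]
                kind_name = "processor" if proc in known_processors else "processor-unexpected"
                report.findings.append(Finding(kind_name, proc))
            if name == "assembly":
                report.findings.append(Finding("assembly", attrs.get("name", "")))
            if name == "include":
                report.findings.append(Finding("include", attrs.get("file", "")))
        else:
            # Every non-directive block is code the host will compile and run.
            report.findings.append(Finding("code", body))
            for api in RISKY_APIS:
                if api in body:
                    report.findings.append(Finding("risky-api", api))
    return report


def requires_review(report):
    """True when the template should be read by a human before it is transformed."""
    return bool(report.by_kind("risky-api") or report.by_kind("processor-unexpected")
                or report.by_kind("include"))


# Constructed sample: looks like a harmless generator but runs a shell command
# and names a directive processor the host was never meant to load.
SUSPICIOUS_TT = '''<#@ template language="C#" hostspecific="true" #>
<#@ assembly name="System.Core" #>
<#@ import namespace="System.Diagnostics" #>
<#@ include file="helpers.ttinclude" #>
<#@ MyDirective processor="EvilDirectiveProcessor" #>
<#
    // Runs during transformation, with the host's privileges.
    Process.Start("cmd.exe", "/c whoami > leaked.txt");
#>
namespace Generated {
<#  for (int i = 0; i < 2; i++) { #>
    public class Item<#= i #> { }
<#  } #>
}
'''

# Constructed sample: an ordinary generator with no outside dependencies.
BENIGN_TT = '''<#@ template language="C#" #>
<#@ output extension=".cs" #>
<# foreach (var n in new[] {"A", "B"}) { #>
public class <#= n #> { }
<# } #>
'''

if __name__ == "__main__":
    for label, tt in (("benign", BENIGN_TT), ("suspicious", SUSPICIOUS_TT)):
        rep = triage_template(tt, known_processors=("ParameterDirectiveProcessor",))
        print(f"{label}: requires_review={requires_review(rep)}")
        for f in rep.findings:
            print(f"  [{f.kind}] {f.detail[:60]!r}")
```

The script deliberately reports every code block rather than only the "risky" ones: the watch-list catches obvious abuse, but the security model of a text template is that all of its code runs, so the only real control is reading the template before transforming it and accepting directive processors only from an allow-list the host enforces.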
