Re-allow templating of complex_args, but count params to prevent injection

Fixes #8810
2026-05-08 06:12:51 +00:00 · 2014-09-04 16:00:02 -05:00
parent 8bafc646cb
commit 8cc3543918
4 changed files with 45 additions and 21 deletions
--- a/lib/ansible/utils/init.py
+++ b/lib/ansible/utils/init.py
@@ -1268,6 +1268,12 @@ def list_difference(a, b):
            result.append(x)
    return result

+def contains_vars(data):
+    '''
+    returns True if the data contains a variable pattern
+    '''
+    return "$" in data or "{{" in data
+
 def safe_eval(expr, locals={}, include_exceptions=False):
    '''
    This is intended for allowing things like: