URL: https://latte.nette.org/en/safety-first
URL: https://latte.nette.org/en/sandbox
URL: https://latte.nette.org/en/guide
Currently, the documentation requires the user to avoid dangerous assumptions and find the relevant information to prevent vulnerabilities.
For example, Latte is presented as the safest template engine for PHP, a claim based on its advanced protections against XSS. This is misleading, as "safe template engine" is often understood in the context of user-supplied templates and SSTI, not XSS.
Another potential pitfall is present in the sandbox documentation. Users are presented with a way to set a policy and create a safe baseline, and only then is it explained that the sandbox is not applied globally by default. Users who create the policy after reading only the beginning of the page may assume that it is applied to all templates.
The documentation should warn about such pitfalls in advance, to direct users to appropriate information.
Example improvements:
- Add a warning about requiring a sandbox for user-supplied templates to the beginning of https://latte.nette.org/en/guide
- Make it clearer that safety specifically refers to protection against XSS when the template itself is trusted
- Add a similar warning about requiring a sandbox for user-supplied templates to the beginning of https://latte.nette.org/en/safety-first (and a warning about XSS in untrusted templates)
- Maybe add a section about SSTI to explain why the sandbox is needed and which policies users should avoid
- Add a warning about the sandbox not being enabled globally by default to https://latte.nette.org/en/sandbox (place it before explaining how to set a policy)
- Create a security considerations page/section to warn users about potentially dangerous things that generally should not be allowed inside the sandbox
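The sandbox pitfall described above, as an added example (not code from this issue or from the Latte documentation): a policy is configured, but without enabling sandbox mode it is not enforced for templates rendered by the Engine. It assumes Latte 3 installed via Composer and the `Engine`, `SecurityPolicy`, `StringLoader` and `SecurityViolationException` names as I recall them; the "user-supplied" template string is constructed for the example.

```php
<?php
// Added example: the "policy set but sandbox not enabled" pitfall.
// Assumes Latte 3 (composer require latte/latte); class and method names as recalled.
require __DIR__ . '/vendor/autoload.php';

use Latte\Engine;
use Latte\Loaders\StringLoader;
use Latte\Sandbox\SecurityPolicy;

// Constructed untrusted template: it calls a PHP function that a template
// author should never be able to reach. This is what the sandbox must block.
$untrusted = 'Hello {$name}, cwd is {=getcwd()}';

// Safe baseline: an allowlist of tags, filters and functions.
$policy = SecurityPolicy::createSafePolicy();

// WEAK: the policy is attached, but sandbox mode is off, so rendering this
// template directly is NOT checked against the policy. getcwd() executes.
$weak = new Engine;
$weak->setLoader(new StringLoader(['user.latte' => $untrusted]));
$weak->setPolicy($policy);
// echo $weak->renderToString('user.latte', ['name' => 'Alice']);

// FIXED: enable sandbox mode, so every template compiled by this Engine is
// checked against the policy; a disallowed call is rejected at compile time
// instead of being executed.
$safe = new Engine;
$safe->setLoader(new StringLoader(['user.latte' => $untrusted]));
$safe->setPolicy($policy);
$safe->setSandboxMode();
try {
    echo $safe->renderToString('user.latte', ['name' => 'Alice']);
} catch (Latte\SecurityViolationException $e) {
    // Expected: the function is not on the policy allowlist.
    error_log('Rejected untrusted template: ' . $e->getMessage());
}
```

If only some templates are untrusted, the sandbox can also be applied per include with the `{sandbox}` tag instead of Engine-wide; the policy alone still does nothing.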