fix: [Application] The application node uses {{}} to reference variables, resulting in a parsing failure.

Author: shaohuzhang1

apps/common/init/init_template.py

@@ -0,0 +1,54 @@
+# coding=utf-8
+"""
+    @project: MaxKB
+    @Author：虎虎
+    @file： init_jinja.py
+    @date：2025/12/1 17:16
+    @desc:
+"""
+from typing import Any
+
+from jinja2.sandbox import SandboxedEnvironment
+from langchain_core.prompts.string import DEFAULT_FORMATTER_MAPPING, _HAS_JINJA2
+
+
+def jinja2_formatter(template: str, /, **kwargs: Any) -> str:
+    """Format a template using jinja2.
+
+    *Security warning*:
+        As of LangChain 0.0.329, this method uses Jinja2's
+        SandboxedEnvironment by default. However, this sand-boxing should
+        be treated as a best-effort approach rather than a guarantee of security.
+        Do not accept jinja2 templates from untrusted sources as they may lead
+        to arbitrary Python code execution.
+
+        https://jinja.palletsprojects.com/en/3.1.x/sandbox/
+
+    Args:
+        template: The template string.
+        **kwargs: The variables to format the template with.
+
+    Returns:
+        The formatted string.
+
+    Raises:
+        ImportError: If jinja2 is not installed.
+    """
+    if not _HAS_JINJA2:
+        msg = (
+            "jinja2 not installed, which is needed to use the jinja2_formatter. "
+            "Please install it with `pip install jinja2`."
+            "Please be cautious when using jinja2 templates. "
+            "Do not expand jinja2 templates using unverified or user-controlled "
+            "inputs as that can result in arbitrary Python code execution."
+        )
+        raise ImportError(msg)
+
+    # Use a restricted sandbox that blocks ALL attribute/method access
+    # Only simple variable lookups like {{variable}} are allowed
+    # Attribute access like {{variable.attr}} or {{variable.method()}} is blocked
+    return SandboxedEnvironment().from_string(template).render(**kwargs)
+
+
+def run():
+    DEFAULT_FORMATTER_MAPPING['jinja2'] = jinja2_formatter

apps/ops/celery/signal_handler.py

@@ -2,7 +2,7 @@
 #
 import logging
 import os
-
+from common.init import init_template
 from celery import subtask
 from celery.signals import (
     worker_ready, worker_shutdown, after_setup_logger, task_revoked, task_prerun
@@ -31,6 +31,7 @@ def on_app_ready(sender=None, headers=None, **kwargs):
             logger.debug("Periodic task [{}] is disabled!".format(task))
             continue
         subtask(task).delay()
+    init_template.run()
 
 
 def delete_files(directory):

apps/smartdoc/urls.py

@@ -23,10 +23,9 @@
 
 from application.urls import urlpatterns as application_urlpatterns
 from common.cache_data.static_resource_cache import get_index_html
-from common.constants.cache_code_constants import CacheCodeConstants
+from common.init import init_template
 from common.init.init_doc import init_doc
 from common.response.result import Result
-from common.util.cache_util import get_cache
 from smartdoc import settings
 from smartdoc.conf import PROJECT_DIR
 
@@ -72,3 +71,4 @@ def page_not_found(request, exception):
 
 handler404 = page_not_found
 init_doc(urlpatterns, application_urlpatterns)
+init_template.run()