Safe ERB Language?

I wonder if there is a safe template that reassemble ERB. ERB is very easy to use, but the deadly part to use that in开发者_如何学Go a CMS is the over powerful access (you can just write some really nasty stuff with that in a matter of seconds...) So I wonder if there is any chance such language exist.

Please I don't want radius/liquid..... writing extension for that is too much trouble and the template syntax itself is just not my cup of tea... I would want to avoid it if ever possible.

Update: This is not perfect (as its not erb) but seems way much better than Liquid: http://github.com/scottpersinger/laminate

You have to use Lua for your template, but Lua is already a lot better than trying to use liquid (which disable you from doing a simple assignment syntax...)

You should consider Handlebars.rb. It "uses therubyracer to bind to the actual JavaScript implementation of Handlebars.js so that you can use it from ruby."

Here is their example code:

require 'handlebars'
handlebars = Handlebars::Context.new
template = handlebars.compile("{{say}}{{what}}")
template.call(:say => "Hey", :what => "Yuh!") #=> "Hey Yuh!"

Although you wrote "Please I don't want radius/liquid", I don't understand your reluctance. Just go to the Liquid page and see how easy it is:

gem install liquid

Here is an example snippet:

<ul id="products">
  {% for product in products %}
    <li>
      <h2>{{ product.title }}</h2>
      Only {{ product.price | format_as_money }}

      <p>{{ product.description | prettyprint | truncate: 200  }}</p>
    </li>
  {% endfor %}
</ul>

And, to use it:

Liquid::Template.parse(template).render 'products' => Product.find(:all)

You should also consider Mustache:

Mustache.render("Hello {{planet}}", :planet => "World!")
=> "Hello World!"