I'd like to let the users of my web app customize their pages. Perlmonks does something similar by letting me write my own CSS. I'd like to go one step further and let them write their own template with Template::Toolkit.
I know though that Template can be configured to enable processing of Perl code within the templates, which would of course be an open gate for bad guys.
Can Template::Toolkit be configured to only allow "safe" things done in the templates? Do you think this whole idea is reasonably realizable?
use strict; use warnings; print "Just Another Perl Hacker\n";