@rhinostone/swig-jinja2 2.5.0

package/lib/tags/autoescape.js

@@ -0,0 +1,75 @@
+/*!
+ * Jinja2 `{% autoescape %}` tag.
+ *
+ *   {% autoescape true %}{{ html }}{% endautoescape %}    (escape the region)
+ *   {% autoescape false %}{{ html }}{% endautoescape %}   (don't escape)
+ *
+ * Controls auto-escaping of variable output within its body. The escape
+ * decision is baked at parse time: the parser maintains an escape-value
+ * stack that this tag's open pushes onto and `{% endautoescape %}` pops,
+ * so each `{{ … }}` inside the region gets (or omits) the `e` filter tail
+ * accordingly. The emitted IRAutoescape node is therefore inert at the
+ * backend — it exists so the IR tree reflects the region.
+ *
+ * Only the literal keywords `true` and `false` are accepted. A runtime
+ * expression (`{% autoescape some_var %}`) is rejected at parse time —
+ * the parse-time escape model can only resolve a literal strategy.
+ */
+
+var ir = require('@rhinostone/swig-core/lib/ir');
+var utils = require('@rhinostone/swig-core/lib/utils');
+
+var lexer = require('../lexer');
+
+exports.ends = true;
+exports.block = false;
+
+/**
+ * Parse the `{% autoescape %}` tag body. Requires a single BOOL token
+ * (`true` or `false`) and stashes the resolved boolean on
+ * `token.escapeValue` — the parser reads it to push onto the escape-value
+ * stack for the region, and compile reads it to build the IRAutoescape
+ * node.
+ *
+ * @param  {string} str    Tag body.
+ * @param  {number} line   Source line of the opening `{%`.
+ * @param  {object} parser The Jinja2 parser module (unused).
+ * @param  {object} types  Jinja2 lexer token-type enum.
+ * @param  {Array}  stack  Open-tag stack (parser.js manages the push).
+ * @param  {object} opts   Per-call options (honors `opts.filename`).
+ * @param  {object} swig   Swig instance (unused).
+ * @param  {object} token  In-progress TagToken. Gets `token.escapeValue`.
+ * @return {boolean}       Always `true` on success. Throws otherwise.
+ */
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var tokens = lexer.read(utils.strip(str));
+  var pos = 0;
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  var tok = pos < tokens.length ? tokens[pos] : null;
+  if (!tok || tok.type !== types.BOOL) {
+    utils.throwError('Expected "true" or "false" in "autoescape" tag', line, opts.filename);
+  }
+  pos += 1;
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  if (pos < tokens.length) {
+    utils.throwError('Unexpected token "' + tokens[pos].match + '" in "autoescape" tag', line, opts.filename);
+  }
+
+  token.escapeValue = (tok.match === 'true');
+  return true;
+};
+
+/**
+ * Emit an IRAutoescape node wrapping the recursively-compiled body. The
+ * body's `{{ … }}` outputs already carry (or omit) their `e` tails from
+ * parse time, so the backend emits the body verbatim; the strategy is
+ * carried for IR fidelity.
+ *
+ * @return {object} IRAutoescape node.
+ */
+exports.compile = function (compiler, args, content, parents, options, blockName, token) {
+  var bodyJS = compiler(content, parents, options, blockName);
+  return ir.autoescape(token.escapeValue, [ir.legacyJS(bodyJS)]);
+};

package/lib/tags/block.js

@@ -0,0 +1,82 @@
+/*!
+ * Jinja2 `{% block %}` tag.
+ *
+ * Named override point for template inheritance:
+ *
+ *   {% block <name> %}…{% endblock %}
+ *
+ * The block name must be a bare identifier (dotted paths rejected) and
+ * passes the CVE-2023-25345 `_dangerousProps` guard. The parser captures
+ * the block in `template.blocks[name]` when it appears at the top level
+ * (the block-keying branch is triggered by `token.block && !stack.length`).
+ *
+ * Compile emits an `IRBlock` node with the body wrapped in IRLegacyJS. The
+ * backend's `Block` branch emits the body verbatim — block-override
+ * resolution happens at parse time via `engine.remapBlocks` /
+ * `importNonBlocks`, which substitutes the child's block content into the
+ * parent's token tree before backend emission.
+ */
+
+var ir = require('@rhinostone/swig-core/lib/ir');
+var utils = require('@rhinostone/swig-core/lib/utils');
+var _dangerousProps = require('@rhinostone/swig-core/lib/security').dangerousProps;
+
+var lexer = require('../lexer');
+
+exports.ends = true;
+exports.block = true;
+
+/**
+ * Parse the `{% block %}` tag body. Extracts the bare-identifier name,
+ * validates it, and stashes it on `token.args` so the parser's top-level
+ * block-keying branch can pick it up via `token.args.join('')`.
+ *
+ * @param  {string} str    Tag body.
+ * @param  {number} line   Source line of the opening `{%`.
+ * @param  {object} parser The Jinja2 parser module (unused — names are
+ *                         plain identifiers).
+ * @param  {object} types  Jinja2 lexer token-type enum.
+ * @param  {Array}  stack  Open-tag stack (parser.js manages the push).
+ * @param  {object} opts   Per-call options (honors `opts.filename`).
+ * @param  {object} swig   Swig instance (unused).
+ * @param  {object} token  In-progress TagToken. `token.args` gets the
+ *                         block name as its single element.
+ * @return {boolean}       Always `true` on success. Throws otherwise.
+ */
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var tokens = lexer.read(utils.strip(str));
+  var pos = 0;
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  var nameTok = pos < tokens.length ? tokens[pos] : null;
+  if (!nameTok || nameTok.type !== types.VAR) {
+    utils.throwError('Expected block name in "block" tag', line, opts.filename);
+  }
+  if (nameTok.match.indexOf('.') !== -1) {
+    utils.throwError('Block name "' + nameTok.match + '" must be a bare identifier', line, opts.filename);
+  }
+  if (_dangerousProps.indexOf(nameTok.match) !== -1) {
+    utils.throwError('Unsafe block name "' + nameTok.match + '" is not allowed (CVE-2023-25345)', line, opts.filename);
+  }
+
+  pos += 1;
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  if (pos < tokens.length) {
+    utils.throwError('Unexpected token "' + tokens[pos].match + '" after block name', line, opts.filename);
+  }
+
+  token.args = [nameTok.match];
+  return true;
+};
+
+/**
+ * Emit an IRBlock node. Body is the recursively-compiled content wrapped in
+ * IRLegacyJS. Mirrors the native `block` compile shape so the backend's
+ * `Block` branch treats both frontends the same.
+ *
+ * @return {object} IRBlock node.
+ */
+exports.compile = function (compiler, args, content, parents, options) {
+  var name = args.join('');
+  return ir.block(name, [ir.legacyJS(compiler(content, parents, options, name))]);
+};

package/lib/tags/elif.js

@@ -0,0 +1,33 @@
+/*!
+ * Jinja2 `{% elif %}` branch marker.
+ *
+ * Valid only inside an `{% if %}` body. Parses its test expression onto
+ * `token.irExpr`; the enclosing `if` tag's compile consumes the marker and
+ * splits its branches at it. The marker never reaches the backend on its
+ * own — `compile` only fires if an `elif` somehow escapes an `if`, which
+ * the parse-time stack check already prevents.
+ */
+
+var utils = require('@rhinostone/swig-core/lib/utils');
+
+var lexer = require('../lexer');
+
+exports.ends = false;
+exports.block = false;
+
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var top = stack[stack.length - 1];
+  if (!top || top.name !== 'if') {
+    utils.throwError('"elif" is only valid inside an "if" tag', line, opts.filename);
+  }
+  var tokens = lexer.read(utils.strip(str));
+  if (!tokens.length) {
+    utils.throwError('Expected conditional expression in "elif" tag', line, opts.filename);
+  }
+  token.irExpr = parser.parseExpr(tokens);
+  return true;
+};
+
+exports.compile = function () {
+  throw new Error('"elif" used outside an "if" tag.');
+};

package/lib/tags/else.js

@@ -0,0 +1,27 @@
+/*!
+ * Jinja2 `{% else %}` branch marker.
+ *
+ * Valid inside an `{% if %}` body (the final fallback branch) or a
+ * `{% for %}` body (the empty-iterable branch). It carries no expression;
+ * the enclosing tag's compile consumes the marker and splits its body at
+ * it. The marker never reaches the backend on its own — `compile` only
+ * fires if an `else` escapes its enclosing tag, which the parse-time stack
+ * check already prevents.
+ */
+
+var utils = require('@rhinostone/swig-core/lib/utils');
+
+exports.ends = false;
+exports.block = false;
+
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var top = stack[stack.length - 1];
+  if (!top || (top.name !== 'if' && top.name !== 'for')) {
+    utils.throwError('"else" is only valid inside an "if" or "for" tag', line, opts.filename);
+  }
+  return true;
+};
+
+exports.compile = function () {
+  throw new Error('"else" used outside an "if" or "for" tag.');
+};

package/lib/tags/extends.js

@@ -0,0 +1,77 @@
+/*!
+ * Jinja2 `{% extends %}` tag.
+ *
+ * Declares a parent template for inheritance:
+ *
+ *   {% extends "layout.html" %}
+ *
+ * Only static string paths are supported here. Dynamic extends
+ * (`{% extends some_var %}`) is rejected at parse time: the engine's
+ * parent-chain resolution (`engine.getParents` + `remapBlocks` +
+ * `importNonBlocks`) walks the chain statically at compile time, so a
+ * runtime-valued parent cannot be resolved on the sync path. Dynamic
+ * extends is the async-codegen path's concern, tracked separately.
+ *
+ * The parser's splitter reads `token.args[0]` and stashes it on
+ * `template.parent`. This tag must push the *unquoted* path as the single
+ * `token.args` element.
+ *
+ * Compile emits nothing — `extends` is a parse-time declaration carried via
+ * `template.parent` metadata; no runtime code is generated for the tag.
+ */
+
+var utils = require('@rhinostone/swig-core/lib/utils');
+
+var lexer = require('../lexer');
+
+exports.ends = false;
+exports.block = true;
+
+/**
+ * Parse the `{% extends %}` tag body. Extracts the STRING literal path,
+ * strips surrounding quotes, and stashes the result as `token.args[0]`.
+ * Rejects anything other than a single STRING token.
+ *
+ * @param  {string} str    Tag body.
+ * @param  {number} line   Source line of the opening `{%`.
+ * @param  {object} parser The Jinja2 parser module (unused — path is a
+ *                         bare string literal).
+ * @param  {object} types  Jinja2 lexer token-type enum.
+ * @param  {Array}  stack  Open-tag stack (unused — extends has no body).
+ * @param  {object} opts   Per-call options (honors `opts.filename`).
+ * @param  {object} swig   Swig instance (unused).
+ * @param  {object} token  In-progress TagToken. `token.args` gets the
+ *                         unquoted parent path as its single element.
+ * @return {boolean}       Always `true` on success. Throws otherwise.
+ */
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var tokens = lexer.read(utils.strip(str));
+  var pos = 0;
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  var pathTok = pos < tokens.length ? tokens[pos] : null;
+  if (!pathTok) {
+    utils.throwError('Expected parent template path in "extends" tag', line, opts.filename);
+  }
+  if (pathTok.type !== types.STRING) {
+    utils.throwError('Dynamic "extends" is not supported — parent path must be a string literal', line, opts.filename);
+  }
+
+  pos += 1;
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+  if (pos < tokens.length) {
+    utils.throwError('Unexpected token "' + tokens[pos].match + '" after parent path in "extends" tag', line, opts.filename);
+  }
+
+  token.args = [pathTok.match.replace(/^['"]|['"]$/g, '')];
+  return true;
+};
+
+/**
+ * No-op compile. Extends is a parse-time declaration — the parent path
+ * lives on `template.parent`, which the engine's `getParents` reads during
+ * compile. The `{% extends %}` tag itself emits no runtime code.
+ *
+ * @return {undefined}
+ */
+exports.compile = function () {};

package/lib/tags/filter.js

@@ -0,0 +1,205 @@
+/*!
+ * Jinja2 `{% filter name %}…{% endfilter %}` tag.
+ *
+ * Jinja2 filter-block syntax — pipe the captured body through one or more
+ * filters, left-to-right:
+ *
+ *   {% filter upper %}hello{% endfilter %}
+ *   {% filter upper|trim %}  hi  {% endfilter %}
+ *   {% filter replace("a", "b") %}banana{% endfilter %}
+ *   {% filter replace("a", "b")|upper %}banana{% endfilter %}
+ *
+ * Emits `IRLegacyJS` rather than `IRFilter` — `IRFilter` is single-filter
+ * only (backend wraps the body in one `_filters[name](...)` call), and
+ * chains require nested `_filters["f3"](_filters["f2"](_filters["f1"](...),
+ * ...), ...)`. Keeping the chain-emission in the tag avoids growing a new
+ * IR node for what is a JS plumbing shape; consistent with `{% set %}`'s
+ * body-capture form which also emits an IIFE via `IRLegacyJS`.
+ *
+ * CVE-2023-25345 checkpoint applies to each filter name — prototype-chain
+ * names (`__proto__`, `constructor`, `prototype`) are rejected at parse
+ * time. Filter argument expressions go through `parser.parseExpr` and
+ * inherit the `_dangerousProps` guards the expression parser already
+ * applies to VAR / DOTKEY / STRING-in-bracket / FUNCTION callee.
+ */
+
+var ir = require('@rhinostone/swig-core/lib/ir');
+var utils = require('@rhinostone/swig-core/lib/utils');
+var backend = require('@rhinostone/swig-core/lib/backend');
+var _dangerousProps = require('@rhinostone/swig-core/lib/security').dangerousProps;
+
+var lexer = require('../lexer');
+var _t = require('../tokentypes');
+
+exports.ends = true;
+exports.block = false;
+
+/*!
+ * Depth-tracked COMMA-split over the token stream starting at `start`
+ * (which should be the position immediately after the FUNCTION or FILTER
+ * token's implicit open paren). Returns `{ slices, end }` where `end` is
+ * the index of the balancing PARENCLOSE (one past the last consumed arg
+ * token). Throws via `utils.throwError` on unclosed paren.
+ *
+ * Paren / bracket / curly / function all bump depth; PARENCLOSE /
+ * BRACKETCLOSE / CURLYCLOSE drop it; COMMA at depth 1 is a top-level
+ * separator. @private
+ */
+function sliceCallArgs(tokens, start, line, filename) {
+  var depth = 1,
+    argStart = start,
+    slices = [],
+    j;
+  for (j = start; j < tokens.length; j += 1) {
+    var tk = tokens[j];
+    if (tk.type === _t.PARENOPEN || tk.type === _t.FUNCTION ||
+        tk.type === _t.BRACKETOPEN || tk.type === _t.CURLYOPEN) {
+      depth += 1;
+      continue;
+    }
+    if (tk.type === _t.PARENCLOSE || tk.type === _t.BRACKETCLOSE ||
+        tk.type === _t.CURLYCLOSE) {
+      depth -= 1;
+      if (depth === 0) {
+        if (j > argStart) {
+          slices.push(tokens.slice(argStart, j));
+        }
+        return { slices: slices, end: j + 1 };
+      }
+      continue;
+    }
+    if (tk.type === _t.COMMA && depth === 1) {
+      if (j > argStart) {
+        slices.push(tokens.slice(argStart, j));
+      }
+      argStart = j + 1;
+    }
+  }
+  utils.throwError('Unclosed argument list in "filter" tag', line, filename);
+}
+
+/**
+ * Parse the `{% filter name %}` tag body. Extracts the filter chain and
+ * validates each filter name against the CVE-2023-25345 blocklist.
+ *
+ * Stashes `[{name, args: IRExpr[]}, {name, args: IRExpr[]}, ...]` on
+ * `token.args`. `args: []` means the filter takes no arguments.
+ *
+ * @param  {string} str    Tag body.
+ * @param  {number} line   Source line of the opening `{%`.
+ * @param  {object} parser The Jinja2 parser module (exposes `parseExpr`).
+ * @param  {object} types  Jinja2 lexer token-type enum.
+ * @param  {Array}  stack  Open-tag stack (parser.js manages push).
+ * @param  {object} opts   Per-call options (honors `opts.filename`).
+ * @param  {object} swig   Swig instance (unused).
+ * @param  {object} token  In-progress TagToken. `token.args` gets the
+ *                         filter chain descriptor array.
+ * @return {boolean}       Always `true` on success. Throws otherwise.
+ */
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var tokens = lexer.read(utils.strip(str));
+  var pos = 0;
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+
+  if (pos >= tokens.length) {
+    utils.throwError('Expected filter name in "filter" tag', line, opts.filename);
+  }
+
+  function checkName(name) {
+    if (_dangerousProps.indexOf(name) !== -1) {
+      utils.throwError('Unsafe filter name "' + name + '" is not allowed (CVE-2023-25345)', line, opts.filename);
+    }
+  }
+
+  var chain = [];
+
+  // Head filter — VAR (bare name), FUNCTIONEMPTY (`name()`), or FUNCTION
+  // (`name(args...)`). Subsequent filters must come in via FILTER /
+  // FILTEREMPTY — a trailing bare VAR / FUNCTION would be a syntax error.
+  var head = tokens[pos];
+  if (head.type === types.VAR) {
+    checkName(head.match);
+    chain.push({ name: head.match, args: [] });
+    pos += 1;
+  } else if (head.type === types.FUNCTIONEMPTY) {
+    checkName(head.match);
+    chain.push({ name: head.match, args: [] });
+    pos += 1;
+  } else if (head.type === types.FUNCTION) {
+    checkName(head.match);
+    var result = sliceCallArgs(tokens, pos + 1, line, opts.filename);
+    var exprs = [];
+    for (var i = 0; i < result.slices.length; i += 1) {
+      exprs.push(parser.parseExpr(result.slices[i]));
+    }
+    chain.push({ name: head.match, args: exprs });
+    pos = result.end;
+  } else {
+    utils.throwError('Expected filter name in "filter" tag', line, opts.filename);
+  }
+
+  // Chain tail — each FILTER or FILTEREMPTY appends another filter call.
+  while (pos < tokens.length) {
+    while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+    if (pos >= tokens.length) { break; }
+
+    var tk = tokens[pos];
+    if (tk.type === types.FILTEREMPTY) {
+      checkName(tk.match);
+      chain.push({ name: tk.match, args: [] });
+      pos += 1;
+      continue;
+    }
+    if (tk.type === types.FILTER) {
+      checkName(tk.match);
+      var r = sliceCallArgs(tokens, pos + 1, line, opts.filename);
+      var e = [];
+      for (var k = 0; k < r.slices.length; k += 1) {
+        e.push(parser.parseExpr(r.slices[k]));
+      }
+      chain.push({ name: tk.match, args: e });
+      pos = r.end;
+      continue;
+    }
+    utils.throwError('Unexpected token "' + tk.match + '" in "filter" tag filter chain', line, opts.filename);
+  }
+
+  token.args = chain;
+  return true;
+};
+
+/**
+ * Emit an `IRLegacyJS` node that captures the body into a local `_output`
+ * via an IIFE and folds the filter chain left-to-right into nested
+ * `_filters["<name>"](input, ...args)` calls.
+ *
+ * For `{% filter upper|trim %}body{% endfilter %}` this produces roughly:
+ *
+ *   _output += _filters["trim"](_filters["upper"](
+ *     (function () { var _output = ""; <bodyJS> return _output; })()
+ *   ));
+ *
+ * @return {object} IRLegacyJS node.
+ */
+exports.compile = function (compiler, args, content, parents, options, blockName) {
+  var chain = args;
+  var bodyJS = compiler(content, parents, options, blockName);
+  var input = '(function () {\n  var _output = "";\n' + bodyJS + '  return _output;\n})()';
+
+  var expr = input;
+  for (var i = 0; i < chain.length; i += 1) {
+    var entry = chain[i];
+    var argsJS = '';
+    if (entry.args && entry.args.length) {
+      var parts = [];
+      for (var j = 0; j < entry.args.length; j += 1) {
+        parts.push(backend.emitExpr(entry.args[j]));
+      }
+      argsJS = ', ' + parts.join(', ');
+    }
+    expr = '_filters["' + entry.name + '"](' + expr + argsJS + ')';
+  }
+
+  return ir.legacyJS('_output += ' + expr + ';\n');
+};

package/lib/tags/for.js

@@ -0,0 +1,154 @@
+/*!
+ * Jinja2 `{% for %}` tag.
+ *
+ *   {% for <val> in <iterable> %}…{% endfor %}
+ *   {% for <key>, <val> in <iterable> %}…{% endfor %}
+ *   {% for <val> in <iterable> %}…{% else %}…{% endfor %}   (empty case)
+ *
+ * Loop variable names must be bare identifiers — dotted paths (`foo.bar`)
+ * are rejected at parse time. The CVE-2023-25345 `_dangerousProps` guard
+ * runs on every bound name (key and val).
+ *
+ * The iterable is lowered through `parser.parseExpr`, so filter chains,
+ * binary ops, function calls, and inline-ifs all route through the same
+ * path as any other Jinja2 expression. The resulting IRExpr is attached
+ * to `token.irExpr`.
+ *
+ * The backend's `For` branch owns the full IIFE scaffolding: `_utils.each`,
+ * the `_ctx.loop.*` bookkeeping (first / last / index / index0 / revindex /
+ * revindex0 / length / key), the `Math.random()`-based loopcache that keeps
+ * nested loops from clobbering each other's `_ctx.loop` state, and the
+ * `emptyBody` (for-else) emission. The tag ships only semantic IR —
+ * (val, key, iterable, body, emptyBody).
+ *
+ * A `{% else %}` inside the for body is captured as a marker token (its
+ * stack check in tags/else.js allows `for`); compile splits the content at
+ * it into the loop body and the empty body.
+ */
+
+var ir = require('@rhinostone/swig-core/lib/ir');
+var utils = require('@rhinostone/swig-core/lib/utils');
+var _dangerousProps = require('@rhinostone/swig-core/lib/security').dangerousProps;
+
+var lexer = require('../lexer');
+
+exports.ends = true;
+exports.block = false;
+
+/**
+ * Parse the `{% for %}` tag body. Extracts the binding names (val or
+ * key+val), validates them, then lowers the iterable expression. Names go
+ * on `token.args` (`[val]` or `[key, val]`); the iterable IR on
+ * `token.irExpr`.
+ *
+ * @param  {string} str    Tag body.
+ * @param  {number} line   Source line of the opening `{%`.
+ * @param  {object} parser The Jinja2 parser module (exposes `parseExpr`).
+ * @param  {object} types  Jinja2 lexer token-type enum.
+ * @param  {Array}  stack  Open-tag stack (parser.js manages the push).
+ * @param  {object} opts   Per-call options (honors `opts.filename`).
+ * @param  {object} swig   Swig instance (unused).
+ * @param  {object} token  In-progress TagToken.
+ * @return {boolean}       Always `true` on success. Throws otherwise.
+ */
+exports.parse = function (str, line, parser, types, stack, opts, swig, token) {
+  var tokens = lexer.read(utils.strip(str));
+  var pos = 0;
+
+  function peek() {
+    while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+    return pos < tokens.length ? tokens[pos] : null;
+  }
+  function consume() {
+    var t = peek();
+    if (t) { pos += 1; }
+    return t;
+  }
+
+  function takeName() {
+    var tok = consume();
+    if (!tok || tok.type !== types.VAR) {
+      utils.throwError('Expected loop variable in "for" tag', line, opts.filename);
+    }
+    if (tok.match.indexOf('.') !== -1) {
+      utils.throwError('Loop variable "' + tok.match + '" must be a bare identifier in "for" tag', line, opts.filename);
+    }
+    if (_dangerousProps.indexOf(tok.match) !== -1) {
+      utils.throwError('Unsafe loop variable "' + tok.match + '" is not allowed (CVE-2023-25345)', line, opts.filename);
+    }
+    return tok.match;
+  }
+
+  var first = takeName();
+  var val = first;
+  var key;
+
+  if (peek() && peek().type === types.COMMA) {
+    consume();
+    key = first;
+    val = takeName();
+  }
+
+  // The lexer's COMPARATOR rule requires a trailing `\s` on `in`, so
+  // `{% for x in %}` (nothing after `in`) lexes `in` as a VAR. Match on the
+  // literal string so the error stays "Expected iterable" for that shape.
+  var inTok = consume();
+  if (!inTok || inTok.match !== 'in' || (inTok.type !== types.COMPARATOR && inTok.type !== types.VAR)) {
+    utils.throwError('Expected "in" in "for" tag', line, opts.filename);
+  }
+
+  while (pos < tokens.length && tokens[pos].type === types.WHITESPACE) { pos += 1; }
+
+  var iterableTokens = tokens.slice(pos);
+  if (!iterableTokens.length) {
+    utils.throwError('Expected iterable after "in" in "for" tag', line, opts.filename);
+  }
+
+  token.args = key !== undefined ? [key, val] : [val];
+  token.irExpr = parser.parseExpr(iterableTokens);
+  return true;
+};
+
+/**
+ * Emit an IRFor node, splitting `content` at a `{% else %}` marker into the
+ * loop body and the empty body. The backend's `For` branch owns the
+ * loopcache + `_utils.each` scaffolding.
+ *
+ * @return {object} IRFor node.
+ */
+exports.compile = function (compiler, args, content, parents, options, blockName, token) {
+  var val, key;
+  if (args.length === 2) {
+    key = args[0];
+    val = args[1];
+  } else {
+    val = args[0];
+    key = '__k';
+  }
+
+  var loopContent = [],
+    emptyContent = null,
+    filename = options && options.filename;
+
+  utils.each(content, function (child) {
+    if (child && child.name === 'else') {
+      if (emptyContent !== null) {
+        utils.throwError('Multiple "else" branches in "for" tag', null, filename);
+      }
+      emptyContent = [];
+      return;
+    }
+    if (emptyContent !== null) {
+      emptyContent.push(child);
+    } else {
+      loopContent.push(child);
+    }
+  });
+
+  var bodyJS = compiler(loopContent, parents, options, blockName);
+  var emptyBody;
+  if (emptyContent !== null) {
+    emptyBody = [ir.legacyJS(compiler(emptyContent, parents, options, blockName))];
+  }
+  return ir.forStmt(val, token.irExpr, [ir.legacyJS(bodyJS)], key, emptyBody);
+};