-template-..-2f..-2f..-2f..-2froot-2f -

: Only allow a strictly defined list of safe file names or paths. Reject any input that does not match.

Four traversals are excessive if the target application root is three levels deep (e.g., /var/www/app/templates/ ). However, attackers often insert extra ../ sequences to: -template-..-2F..-2F..-2F..-2Froot-2F

If you need generic text to test how a layout looks within a template: Standard Lorem Ipsum : Only allow a strictly defined list of