????Noah Sussman ????д???????? ??????ò???????????????????嵥??????嵥???????????????а?????????????????????????????????????????
??????????????????????????????????????????????????д??????????????????з????????????
???????????????????????????????????“?????”?????????????????????Щ?????? bug??
???????????Ч?????????Easy Programming????????“???????????????? bug”??????????′??????????????
???????????????????????????????? bug?????????????????“?e????????????????????? bug ???б?????”????????????“????????????????????????? bug ???????????”
????????????????г????Щ???????в????
??????????? bug?????? SQL ?????? XSS ?????? Django ????????????? SQL ???? XSS ????д????????????? Django ?????????? bug ????????????????????? SQL ???????? HTML ?? API ?????????????????????????????????????????????κ?????? bug??
????????????????????????ú?в??????????????? bug ?????????????? XSS ????????м??ζ??е??????Щ???????? XSS ?????????????? HTML ????
????????????? Python ???????????????????????????????????????????????????д?????????????????????д????? HTML ???????
???????????????????????????????“???”??“??????????????????д HTML”?????????“?????? API ???????????????????????????”???????????????????????????????μ? API?????????Щ??????????????????
????????????????Щ????????????д???Щ??????????????????????????????????????????:

 

from django.core.urlresolvers import reverse
from django.template import Library
from django.utils.html import escape
from django.utils.safestring import mark_safe
# Registry the filters below are attached to via ``@register.filter``.
register = Library()
@register.filter
def account_link(account):
    """Render *account* as an HTML anchor pointing at its stats page.

    Each interpolated value -- the reversed URL and the three account
    attributes -- is run through ``escape`` individually before the
    assembled fragment is handed to ``mark_safe``, so the caller must
    keep the two in step: anything added to the template string later
    also has to be escaped here.

    Args:
        account: object exposing ``username``, ``first_name`` and
            ``last_name`` attributes (read only; nothing is written).

    Returns:
        A safe-marked string containing the ``<a>`` element.
    """
    href = escape(reverse('account_stats', args=(account.username,)))
    first = escape(account.first_name)
    last = escape(account.last_name)
    label = escape(account.username)
    fragment = u'<a href="%s" title="%s %s">%s</a>' % (href, first, last, label)
    return mark_safe(fragment)

 

??????????????????????????ü?????????????????塣?????д??????? Django ????? API ?????????????????????????????????д??

 

from django.core.urlresolvers import reverse
from django.template import Library
from somewhere import html_fragment
# Registry the filters below are attached to via ``@register.filter``.
register = Library()
@register.filter
def account_link(account):
    """Render *account* as an HTML anchor pointing at its stats page.

    The template string and its four values are passed separately to
    ``html_fragment`` (imported from ``somewhere``); no escaping is done
    in this function itself.  NOTE(review): this is only safe if
    ``html_fragment`` escapes every positional value before interpolating
    it -- confirm that contract at its definition.

    Args:
        account: object exposing ``username``, ``first_name`` and
            ``last_name`` attributes (read only; nothing is written).

    Returns:
        Whatever ``html_fragment`` returns for the assembled anchor.
    """
    template = u'<a href="%s" title="%s %s">%s</a>'
    href = reverse('account_stats', args=(account.username,))
    values = (href, account.first_name, account.last_name, account.username)
    return html_fragment(template, *values)