Security Traps
- `|safe` filter disables escaping — XSS if content is user input
- `mark_safe()` trusts content — never use on user data
- `@csrf_exempt` removes protection — use only with other auth (API keys)
- `.extra()` / `.raw()` — SQL injection if interpolating user input
- `DEBUG=True` in production — exposes settings, paths, SQL queries
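
A static check for the traps listed above, as an added example that is not part of the original page. It parses Python source with `ast` and templates with a regex; the sample view and template are constructed, `Person` and `app_person` are hypothetical names, and the dynamic-SQL test is a heuristic.

```python
import ast
import re

SAFE_FILTER = re.compile(r"\{\{[^}]*\|\s*safe\b")  # matches {{ value|safe }}

def scan_template(text):
    """Line numbers of template lines that apply the |safe filter."""
    return [n for n, line in enumerate(text.splitlines(), 1) if SAFE_FILTER.search(line)]

def _name(node):
    """Trailing identifier of a Name, Attribute or Call target, else None."""
    node = node.func if isinstance(node, ast.Call) else node
    return getattr(node, "attr", None) or getattr(node, "id", None)

def _dynamic(call):
    """True if an argument is built with an f-string, %, + or .format() (heuristic)."""
    values = list(call.args) + [k.value for k in call.keywords]
    return any(
        isinstance(d, (ast.JoinedStr, ast.BinOp))
        or (isinstance(d, ast.Call) and _name(d) == "format")
        for v in values for d in ast.walk(v)
    )

def scan_python(source):
    """Sorted (line, trap) pairs found in Python source."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and _name(node) == "mark_safe":
            hits.append((node.lineno, "mark_safe"))  # every use is worth a review
        elif isinstance(node, ast.Call) and _name(node) in ("raw", "extra") and _dynamic(node):
            hits.append((node.lineno, _name(node)))  # parameterized calls are not flagged
        elif isinstance(node, (ast.Name, ast.Attribute)) and _name(node) == "csrf_exempt":
            hits.append((node.lineno, "csrf_exempt"))
        elif (isinstance(node, ast.Assign) and _name(node.targets[0]) == "DEBUG"
              and getattr(node.value, "value", None) is True):
            hits.append((node.lineno, "DEBUG=True"))
    return sorted(hits)

# Constructed sample input (hypothetical model and table names).
SAMPLE_VIEWS = '''\
DEBUG = True
@csrf_exempt
def search(request):
    q = request.GET["q"]
    bad = Person.objects.raw(f"SELECT * FROM app_person WHERE name = '{q}'")
    ok = Person.objects.raw("SELECT * FROM app_person WHERE name = %s", [q])
    return HttpResponse(mark_safe(q))
'''
SAMPLE_TEMPLATE = "<p>{{ comment.body|safe }}</p>\n<p>{{ comment.author }}</p>\n"
```

Line 6 of the sample passes the value through the `params` list of `.raw()`, which is why it is not reported while the f-string on line 5 is.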
Resource information
- Data source: bigquery-gharchive
- Category: data-analysis
- Created: 2026/3/9
- Updated: 2026/3/14