Django Book Translation
Original:
First, our attempt at protecting our entire email list will fail with a cleverly constructed query. Think about what happens if an attacker types ``"' OR 'a'='a"`` into the query box. In that case, the query that the string interpolation will construct will be:
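Translation:
First, the measures we took to protect our email list break down when they meet a carefully constructed query. Imagine an attacker types ``"' OR 'a'='a"`` into the query box. The query string is then constructed as follows: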
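The effect described above, as an added example that is not part of the Django Book text or this page: a Python `sqlite3` sketch that runs the quoted input through string interpolation and through a parameterized query. The table `user_contacts`, its columns, the sample rows and all function names are assumptions constructed for illustration.

```python
import sqlite3

# Constructed sample data; table and column names are assumptions.
ROWS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("carol", "carol@example.com"),
]

# The input quoted in the text, without the surrounding double quotes.
PAYLOAD = "' OR 'a'='a"


def make_db():
    """Build an in-memory database holding the constructed contact list."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user_contacts (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO user_contacts VALUES (?, ?)", ROWS)
    return conn


def build_interpolated_sql(username):
    """Vulnerable form: the input is pasted into the SQL text itself."""
    return "SELECT email FROM user_contacts WHERE username = '%s'" % username


def lookup_interpolated(conn, username):
    """Run the interpolated query; the input can change the WHERE clause."""
    return sorted(r[0] for r in conn.execute(build_interpolated_sql(username)))


def lookup_parameterized(conn, username):
    """Hardened form: the driver binds the input as a value, never as SQL."""
    sql = "SELECT email FROM user_contacts WHERE username = ?"
    return sorted(r[0] for r in conn.execute(sql, (username,)))


if __name__ == "__main__":
    db = make_db()
    print(build_interpolated_sql(PAYLOAD))
    print("interpolated :", lookup_interpolated(db, PAYLOAD))
    print("parameterized:", lookup_parameterized(db, PAYLOAD))
```

With interpolation the closing quote in the input ends the string literal early, so `OR 'a'='a'` becomes a condition that is true for every row; with a bound parameter the same input is only compared against `username` as a literal value.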