Django Book Translation
Original:
Remember to escape session data if you display it in the template. See the earlier XSS section, and remember that it applies to any user-created content as well as any data from the browser. You should treat session information as being user created.
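Translation:
If you need to display session data in a template, remember to escape it. See the earlier XSS section, and escape all user-submitted data and all data submitted by the browser. Session information should be handled the same way as user-submitted data.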
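The advice above as an added example, not code from the Django Book: request input is copied into a session, then rendered once without escaping and once with it. A plain dict stands in for `request.session`, `html.escape` from the standard library stands in for template escaping, and the function names and sample values are hypothetical.

```python
import html

# Constructed sample input: form values a user submitted, including markup.
SAMPLE_POST = {
    "display_name": "<script>alert(1)</script>",
    "theme": 'dark" onmouseover="alert(2)',
}


def store_profile(session, post_data):
    """View-side step: request input lands in the session unchanged."""
    session["display_name"] = post_data.get("display_name", "")
    session["theme"] = post_data.get("theme", "light")


def render_unescaped(session):
    """Vulnerable: session values are interpolated as if they were trusted."""
    return '<body class="%s"><p>Welcome, %s</p></body>' % (
        session["theme"],
        session["display_name"],
    )


def render_escaped(session):
    """Hardened: every session value is escaped when it is written out."""
    return '<body class="%s"><p>Welcome, %s</p></body>' % (
        html.escape(session["theme"], quote=True),  # attribute context
        html.escape(session["display_name"], quote=True),  # element content
    )


def demo():
    """Store the sample input, then return both renderings for comparison."""
    session = {}  # stand-in for request.session (assumption)
    store_profile(session, SAMPLE_POST)
    return render_unescaped(session), render_escaped(session)


if __name__ == "__main__":
    unsafe, safe = demo()
    print("unescaped:", unsafe)
    print("escaped:  ", safe)
```

The second session value shows why quotes must be escaped too: inside an attribute, an unescaped `"` ends the attribute even when no angle brackets are present.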