Django:有没有办法知道一个url在应用程序中是否有效? [英] Django: is there a way to know if a url is valid in the application?
本文介绍了Django:有没有办法知道一个url在应用程序中是否有效?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
这是我的目标:
- 用户想登录
- 我打开一个按钮每个页面以urlback为参数,例如,如果我们在页面上
http://olivier.life/today
,则登录的按钮将具有像http://olivier.life/login?back=today
- 用户登录
- 一旦用户登录,我检查
GET
请求中是否有返回
。如果是这样,那么我将重定向到GET
- the user wants to login
- I make a button on each page with the urlback as a parameter, for example if we are on the page
http://olivier.life/today
, the button to login will have an url likehttp://olivier.life/login?back=today
- the user logs in
- once the user is logged in, i check if there's a "
back
" in the "GET
" request. if so then I make a redirect to the url in theGET
我的url问题是一个安全问题:我只想知道 GET
中的URL是否是我的应用程序的一部分(对 urls.py
文件)。
My problem is a security problem: I just want to know if the URL in the GET
is part of my application (is valid for one of the URLs in the urls.py
file).
如何做?
推荐答案
使用 resolve
。有一个例子与文档中的这个用例非常接近。我想你的情况你想要的是:
Use resolve
. There's an example that's very close to this use case in the docs. I think for your case you want something like:
def some_view(request):
redirect_target = request.GET.get('back')
if redirect_target:
try:
resolve_match = django.core.urlresolvers.resolve(redirect_target)
except django.core.urlresolvers.Resolver404:
# do something on bad input
else:
return django.shortcuts.redirect(redirect_target)
else:
# empty string redirect target, or not provided at all
# do something else
这篇关于Django:有没有办法知道一个url在应用程序中是否有效?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文