将表单输入属性“name”更改为“data-encrypted-name” [英] Change form input attribute 'name' to 'data-encrypted-name'
问题描述
对于标题来说,这是一个棘手的问题,所以请在假设其重复之前阅读:)。 我使用 Braintree支付在Django网站上,以及 我目前看起来像这样: 我能以某种方式将 仅供参考我在 根据 Braintree : 重要提示:不要使用name属性来捕获 另外,我使用django 香脆形式,所以我宁愿解决这个问题在我的 像这样: 如果您需要为超过一些小部件类型执行此操作,则可以将其抽象为混合。 This was a tricky question to title, so please read before assuming its a duplicate :). I'm using Braintree Payments on a Django site, and the payment form html needs to look like this for the credit card number: mine currently looks like this: Can I somehow rename FYI I tried this in the Per Braintree: IMPORTANT: Do not use the name attribute for any fields that capture
sensitive payment information such as the credit card number or CVV.
Removing this attribute prevents them from hitting your server in
plain text and so reduces your PCI compliance scope. Also, I'm using django crispy forms, so I'd prefer to solve this in my Define a custom widget class inheriting from whatever widget type your I'd do it something like this: If you need to do this for more than a handful of widget types you could abstract this into a mixin. 这篇关于将表单输入属性“name”更改为“data-encrypted-name”的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
< < ; input type =textsize =20autocomplete =offdata-encrypted-name =number/>
< input type =textsize =20autocomplete =offname =number>
name
重命名为数据加密的名称
?或者,我可以隐藏/删除名称
属性吗?如果是这样,我可以很容易地为Braintree友好属性添加一个自定义属性:
class SignupForm(forms.Form):
... snip ...
def __init __(self,* args,** kwargs):
super(SignupForm,self).__ init __(* args,** kwargs)
self.fields ['number']。widget.attrs ['data-encrypted-name'] =number
__ init __
中尝试了这一点,但没有运气:
self.fields ['number']。widget.attrs ['name'] = None
敏感支付信息(如信用卡号码或CVV)的任何字段。
删除此属性可防止他们以
纯文本打印您的服务器,从而降低您的PCI合规性范围。
forms.py
中,而不是在HTML调整模板中,以保持DRY。
数字
字段默认值为( TextInput
,根据你显示的标签来判断)并覆盖它的 build_attrs
方法。
$ p $ class SensitiveTextInput ):
attrs = super(SensitiveTextInput,self).build_attrs(extra_attrs,** kwargs)
如果attrs中的'name':
attrs ['data-encrypted-name'] = attrs ['name']
del attrs ['name']
return attrs
<input type="text" size="20" autocomplete="off" data-encrypted-name="number" />
<input type="text" size="20" autocomplete="off" name="number">
name
to data-encrypted-name
? Alternatively, can I hide/remove the name
attribute altogether? If so, I could then easily add a custom attribute for the Braintree-friendly attribute:class SignupForm(forms.Form):
...snip...
def __init__(self, *args, **kwargs):
super(SignupForm, self).__init__(*args, **kwargs)
self.fields['number'].widget.attrs['data-encrypted-name'] = "number"
__init__
but no luck: self.fields['number'].widget.attrs['name'] = None
forms.py
and not in the template with html tweaks in order to keep it DRY.numbers
field defaults to (TextInput
, judging from the tag you're showing) and override its build_attrs
method.class SensitiveTextInput(TextInput):
def build_attrs(self, extra_attrs=None, **kwargs):
attrs = super(SensitiveTextInput, self).build_attrs(extra_attrs, **kwargs)
if 'name' in attrs:
attrs['data-encrypted-name'] = attrs['name']
del attrs['name']
return attrs