将表单输入属性“name”更改为“data-encrypted-name” [英] Change form input attribute 'name' to 'data-encrypted-name'

问题描述

对于标题来说，这是一个棘手的问题，所以请在假设其重复之前阅读：）。 我使用 Braintree支付在Django网站上，以及

 < <        ; input type =textsize =20autocomplete =offdata-encrypted-name =number/> 
  

我目前看起来像这样：

 < input type =textsize =20autocomplete =offname =number> 
  

我能以某种方式将 name 重命名为数据加密的名称？或者，我可以隐藏/删除名称属性吗？如果是这样，我可以很容易地为Braintree友好属性添加一个自定义属性：

  class SignupForm（forms.Form）： 
 ... snip ... 
 
 def __init __（self，* args，** kwargs）：
 super（SignupForm，self）.__ init __（* args，** kwargs）
 
 self.fields ['number']。widget.attrs ['data-encrypted-name'] =number
  

仅供参考我在 __ init __ 中尝试了这一点，但没有运气：

  self.fields ['number']。widget.attrs ['name'] = None 
  

根据 Braintree ：

重要提示：不要使用name属性来捕获
敏感支付信息（如信用卡号码或CVV）的任何字段。
删除此属性可防止他们以
纯文本打印您的服务器，从而降低您的PCI合规性范围。

另外，我使用django 香脆形式，所以我宁愿解决这个问题在我的 forms.py 中，而不是在HTML调整模板中，以保持DRY。

解决方案定义一个继承自任何窗口小部件的自定义窗口小部件类型，您的数字字段默认值为（ TextInput ，根据你显示的标签来判断）并覆盖它的 build_attrs 方法。

像这样：

$ p $ class SensitiveTextInput ）：
attrs = super（SensitiveTextInput，self）.build_attrs（extra_attrs，** kwargs）
如果attrs中的'name'：
attrs ['data-encrypted-name'] = attrs ['name']
del attrs ['name']
return attrs


如果您需要为超过一些小部件类型执行此操作，则可以将其抽象为混合。

This was a tricky question to title, so please read before assuming its a duplicate :).

I'm using Braintree Payments on a Django site, and the payment form html needs to look like this for the credit card number:

<input type="text" size="20" autocomplete="off" data-encrypted-name="number" />

mine currently looks like this:

<input type="text" size="20" autocomplete="off" name="number">

Can I somehow rename name to data-encrypted-name? Alternatively, can I hide/remove the name attribute altogether? If so, I could then easily add a custom attribute for the Braintree-friendly attribute:

class SignupForm(forms.Form):
    ...snip...

    def __init__(self, *args, **kwargs):
         super(SignupForm, self).__init__(*args, **kwargs)

         self.fields['number'].widget.attrs['data-encrypted-name'] = "number"

FYI I tried this in the __init__ but no luck:

         self.fields['number'].widget.attrs['name'] = None

Per Braintree:

IMPORTANT: Do not use the name attribute for any fields that capture sensitive payment information such as the credit card number or CVV. Removing this attribute prevents them from hitting your server in plain text and so reduces your PCI compliance scope.

Also, I'm using django crispy forms, so I'd prefer to solve this in my forms.py and not in the template with html tweaks in order to keep it DRY.

解决方案

Define a custom widget class inheriting from whatever widget type your numbers field defaults to (TextInput, judging from the tag you're showing) and override its build_attrs method.

I'd do it something like this:

class SensitiveTextInput(TextInput):
    def build_attrs(self, extra_attrs=None, **kwargs):
        attrs = super(SensitiveTextInput, self).build_attrs(extra_attrs, **kwargs)
        if 'name' in attrs:
            attrs['data-encrypted-name'] = attrs['name']
            del attrs['name']
        return attrs

If you need to do this for more than a handful of widget types you could abstract this into a mixin.

这篇关于将表单输入属性“name”更改为“data-encrypted-name”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！