Drupal Handbook

JavaScript

[This section is a work in progress].

A few general guidelines:

Handling text in a secure way

When handling and outputting text in HTML, you need to be careful that proper filtering or escaping is done.

Directories

For starters, always make sure that actions on uploaded files (upload, view, download, delete) are taking place in the 'files' directory or another designated directory.

File uploads, downloads, and management

[This section is a work in progress]

Advice in a Nutshell

Allowing users to manage files on your server is a potentially dangerous operation.

Creating forms in a secure way to avoid cross-site request forgery (CSRF)

Cross-site request forgery (CSRF or XSRF) is a process where a request is made to a site which takes an action when the user did not intend to take that action.
