orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed small typos in docs. Added a cross-ref.

Browse source
This commit is contained in:
Ron DuPlain 2010-10-06 14:05:35 +08:00 committed by Armin Ronacher
parent 216478f715
commit 6875a057ec
19 changed files with 27 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/patterns/fileuploads.rst
View file

@ -41,9 +41,9 @@ the URL to these files.
Why do we limit the extensions that are allowed? You probably don't want
your users to be able to upload everything there if the server is directly
sending out the data to the client. That way you can make sure that users
are not able to upload HTML files that would cause XSS problems. Also
make sure to disallow `.php` files if the server executes them, but who
has PHP installed on his server, right? :)
are not able to upload HTML files that would cause XSS problems (see
:ref:`xss`). Also make sure to disallow `.php` files if the server
executes them, but who has PHP installed on his server, right? :)
Next the functions that check if an extension is valid and that uploads
the file and redirects the user to the URL for the uploaded file::