Sunday, November 11, 2007

Common web features in Django

Here is a brief list of common web features and the best way I know to achieve each one in Django:

  • Breadcrumbs: use {{ block.super }} for recursive link inheritance [more info]

  • Back button: use {{ request.META.HTTP_REFERER }} for linking to referring URL*

  • Highlight active menu option: use {{ request.path }} to know requested URL and compare it with menu options * [more info]

  • Pagination: use 'django.views.generic.list_detail.object_list' generic view [more info]


* This requires adding the 'request' context processor (django.core.context_processors.request) to TEMPLATE_CONTEXT_PROCESSORS in settings.py
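
For the back-button item, the Referer header is supplied by the client, so it should be validated before it is used as a link target. The following is an added example, not code from the original post: a standard-library Python helper that accepts the Referer only when it is an http(s) URL on the site's own host, and HTML-escapes it for the href attribute. The names `safe_back_url` and `back_link` and the sample values are assumptions; in a Django view the inputs would come from `request.META.get('HTTP_REFERER')` and `request.get_host()`.

```python
from html import escape
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def safe_back_url(referer, own_host, fallback="/"):
    """Return referer only if it is an http(s) URL on own_host, else fallback."""
    if not referer:
        return fallback
    referer = referer.strip()
    # Control characters and backslashes are parsed inconsistently by browsers.
    if any(ch < " " or ch == "\\" for ch in referer):
        return fallback
    try:
        parts = urlsplit(referer)
    except ValueError:
        return fallback
    # Escaping alone does not stop a non-http(s) scheme from landing in href.
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return fallback
    # Only link back to pages on this site (own_host includes any port).
    if parts.netloc.lower() != own_host.lower():
        return fallback
    return referer


def back_link(referer, own_host, fallback="/"):
    """Build the anchor tag; the URL is escaped for use inside an attribute."""
    url = safe_back_url(referer, own_host, fallback)
    return '<a href="%s">Back</a>' % escape(url, quote=True)


if __name__ == "__main__":
    # Constructed sample Referer values, not taken from real traffic.
    samples = [
        "https://example.org/articles/?page=2",
        "https://other.example/landing",
        "javascript:void(0)",
        'https://example.org/a?q="><b>',
        None,
    ]
    for value in samples:
        print(repr(value), "->", back_link(value, "example.org"))
```

The fallback should be a fixed, known-good URL such as the section index, so a rejected Referer still gives the user somewhere to go.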

3 comments:

  1. Be sure to check the value of request.META.HTTP_REFERER because it looks like it's being exploitable.. I think of redirecting to your django-site from http://www.example.com/alert(1); ;)

  2. Just make sure you escape it and you're fine:

    {{ request.META.HTTP_REFERER|escape }}

    or

    {{ request.META.HTTP_REFERER|urlize }} to automatically create a link already tagged with rel="nofollow".

  3. @admin not your problem but the problem of your users, a bit arrogant :)
    you should check out XSS on Wikipedia ..

    good blog anyway, thanks
