伪造 log methods file == nbsp tip app get
前段
- <form enctype="multipart/form-data">
- </form>
后端
Flask - 文件上传
- @app.route('/upload', methods=['GET', 'POST'])
- def upload_file():
- if request.method == 'POST':
- f = request.files['filename']
- f.save('/upload/1.txt')
- # 访问文件属性
- print(secure_filename(f.filename)) # Werkzeug提供方法,防止路径伪造
来源: http://www.bubuko.com/infodetail-2453731.html