Djangoの脆弱性CVE-2019–12308・CVE-2019–11358について解説(1)

admin.py

from django.contrib import admin

from .forms import PostAdminForm
from .models import Post


class PostAdmin(admin.ModelAdmin):
    form = PostAdminForm


admin.site.register(Post, PostAdmin)

forms.py

from django import forms

from .models import Post


class PostAdminForm(forms.ModelForm):
    content = forms.CharField(widget=forms.Textarea)

    class Meta:
        model = Post
        fields = '__all__'

models.py

from django.db import models


class Post(models.Model):
    title = models.CharField(max_length=100, verbose_name="タイトル")
    content = models.CharField(max_length=1000, verbose_name="内容")
    url = models.URLField(verbose_name="URL")

    def __str__(self):
        return self.title

    class Meta:
        verbose_name = "投稿"
        verbose_name_plural = "投稿"