{"id":296,"date":"2025-11-10T01:29:26","date_gmt":"2025-11-10T01:29:26","guid":{"rendered":"http:\/\/101.42.175.115\/wordpress\/?p=296"},"modified":"2026-01-07T11:48:26","modified_gmt":"2026-01-07T11:48:26","slug":"ssti_py","status":"publish","type":"post","link":"http:\/\/101.42.175.115\/wordpress\/?p=296","title":{"rendered":"Jinja2\u4e0eSimpleTemplate\u5f15\u64ce\u4e0b\u7684SSTI"},"content":{"rendered":"\n

SSTI\uff08Server-Side Template Injection\uff0c\u670d\u52a1\u5668\u7aef\u6a21\u677f\u6ce8\u5165\uff09\u662f\u4e00\u79cd\u5e38\u89c1\u7684 Web \u5b89\u5168\u6f0f\u6d1e\uff0c\u901a\u5e38\u51fa\u73b0\u5728\u4f7f\u7528\u6a21\u677f\u5f15\u64ce\u6e32\u67d3\u52a8\u6001\u5185\u5bb9\u7684 Web \u5e94\u7528\u4e2d\u3002<\/p>\n\n\n\n

\u5728\u8bb8\u591a Web \u6846\u67b6\u4e2d\uff0c\u6a21\u677f\u5f15\u64ce\u7528\u4e8e\u5c06\u6570\u636e\u52a8\u6001\u63d2\u5165\u5230 HTML \u9875\u9762\u4e2d\uff0c\u901a\u5e38\u662f\u901a\u8fc7\u5728\u6a21\u677f\u4e2d\u63d2\u5165\u53d8\u91cf\u6216\u8868\u8fbe\u5f0f\u6765\u751f\u6210\u9875\u9762\u5185\u5bb9\u3002\u5982\u679c\u8fd9\u91cc\u7684\u8868\u8fbe\u5f0f\u53ef\u63a7\uff0c\u653b\u51fb\u8005\u5411\u5176\u4e2d\u6ce8\u5165\u6076\u610f\u8868\u8fbe\u5f0f\u5c31\u6709\u53ef\u80fd\u5b9e\u73b0\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

Jinja2<\/h2>\n\n\n\n

Jinja2 \u5e38\u7528\u4e8e Python_Flask \u6846\u67b6\u3002<\/p>\n\n\n\n

Jinja2 \u7684\u8bed\u6cd5\u4e0e Python \u76f8\u4f3c\uff0c\u7c7b\u4f3c\u4e8e\u4e00\u4e2a Python \u7684\u5b89\u5168\u5b50\u96c6\u3002\u867d\u7136 Jinja2 \u4e0d\u5141\u8bb8\u76f4\u63a5\u6267\u884c Python \u8bed\u53e5\uff0c\u4f46\u80fd\u591f\u5b9e\u73b0 python \u4e2d\u7684\u52a8\u6001\u8bbf\u95ee\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u73af\u5883<\/h3>\n\n\n\n

flask jinja2 \u73af\u5883\u4e2d\u6709\u4e00\u4e9b\u5185\u7f6e\u7684\u5168\u5c40\u5bf9\u8c61\uff08\u5305\u62ec jinja2 \u5185\u7f6e\u548c flask \u81ea\u52a8\u6ce8\u5165\u5bf9\u8c61\uff09\uff0c\u6bd4\u5982<\/p>\n\n\n\n

Python<\/span>