初级
实现请求参数白名单过滤
未完成
初级参考
完整示例代码供参考,建议自己理解后重新输入
def solve():
from pyodide.http import open_url
from io import StringIO
users_csv = open_url("https://data.zuihe.com/dbd/ms-shop/state_00/users.csv").read()
ALLOWED = {
'create_user': {'username','email','phone'},
'update_product': {'price','stock'},
'create_order': {'user_id','items','idempotency_key'},
}
def whitelist_filter(action, params):
allowed = ALLOWED.get(action, set())
filtered = {k:v for k,v in params.items() if k in allowed}
dropped = [k for k in params if k not in allowed]
return filtered, dropped
cases = [
('create_user', {'username':'alice','email':'a@test.com','phone':'138','role':'admin','is_superuser':True}),
('update_product', {'price':299,'stock':50,'name':'hack','version':99}),
]
for action, params in cases:
filtered, dropped = whitelist_filter(action, params)
print(f"{action}: kept={list(filtered.keys())}, dropped={dropped}")示例
输入
solve()
期望输出
create_user: kept=['username', 'email', 'phone'], dropped=['role', 'is_superuser'] update_product: kept=['price', 'stock'], dropped=['name', 'version']
👑
升级 VIP
解锁全部题目,畅通无阻地学习
- ✓ 解锁全部训练包所有题目
- ✓ 查看完整参考代码和提示
- ✓ 浏览器内直接运行 Python 代码
- ✓ 自动批改 + 进度追踪
30天
¥18
1年
¥99
2年
¥158
3年
¥199
