mirror of
https://github.com/QingdaoU/OnlineJudge.git
synced 2024-09-21 08:23:20 +00:00
只判断 ajax 可能存在绕过
This commit is contained in:
parent
f4514fa3b8
commit
0ee76a57e0
@ -4,6 +4,7 @@ from functools import wraps
|
||||
|
||||
from django.http import HttpResponse, HttpResponseRedirect
|
||||
from django.shortcuts import render
|
||||
from django.core.urlresolvers import reverse
|
||||
|
||||
from utils.shortcuts import error_response, error_page
|
||||
|
||||
@ -92,7 +93,7 @@ def check_user_contest_permission(func):
|
||||
{"reason": "contest_not_start", "show_tab": False, "contest": contest})
|
||||
|
||||
# 比赛已经结束了,只拦截 ajax 的答案提交
|
||||
if contest.status == CONTEST_ENDED and request.is_ajax():
|
||||
if contest.status == CONTEST_ENDED and request.path == reverse("contest_submission_api") and request.is_ajax():
|
||||
return error_response(u"比赛已经结束")
|
||||
|
||||
return func(*args, **kwargs)
|
||||
|
Loading…
Reference in New Issue
Block a user