django-smart-selects icon indicating copy to clipboard operation
django-smart-selects copied to clipboard

Published 20 hours ago verified publisher icon jazzband

Django docs don't cover a through-model case

Open Klexus1 opened this issue 4 years ago • 2 comments
trafficstars

You MUST use this template when reporting issues. Please make sure you follow the checklist and fill in all of the information sections below.

All versions of django-smart-selects prior to version 1.2.8 are vulnerable to an XSS attack as detailed in issue 171. As a result, all previous versions have been removed from PyPI to prevent users from installing insecure versions. All users are urged to upgrade as soon as possible.

Checklist

Put an x in the bracket when you have completed each task, like this: [x]

  • [x ] This issue is not about installing previous versions of django-smart-selects older than 1.2.8. I understand that previous versions are insecure and will not receive any support whatsoever.
  • [x ] I have verified that that issue exists against the master branch of django-smart-selects.
  • [x ] I have searched for similar issues in both open and closed tickets and cannot find a duplicate.
  • [ x] I have debugged the issue to the smart_selects app.
  • [ x] I have reduced the issue to the simplest possible case.
  • [ x] I have included all relevant sections of models.py, forms.py, and views.py with problems.
  • [ x] I have used GitHub Flavored Markdown to style all of my posted code.

Steps to reproduce

Actual behavior

Expected behavior

For the following case, there is no hint how to handle a through model. Example:

class Continent(models.Model): name = models.CharField(max_length=255)

class Country(models.Model): continent = models.ManyToMany(Continent, through='CountryToContinent") name = models.CharField(max_length=255)

class CountryToContinent(models.Model): continent = models.ForeignKey(Continent) name = models.ForeignKey(Country)

class Location(models.Model): continent = models.ForeignKey(Continent) country = models.ForeignKey(Country) area = models.ForeignKey(Area) city = models.CharField(max_length=50) street = models.CharField(max_length=100)

Klexus1 avatar Feb 11 '21 12:02 Klexus1

could you solve it?

zubus avatar Apr 13 '21 03:04 zubus

I did not, I started to use custom templates with jquery ajax requests instead

Klexus1 avatar Apr 13 '21 08:04 Klexus1