diff options
| author | Rob Hudson | 2008-09-24 16:23:01 -0700 |
|---|---|---|
| committer | Rob Hudson | 2008-09-24 16:23:01 -0700 |
| commit | 85d879803c88aa036934d36977a10b5d28b70aaa (patch) | |
| tree | 3314e883ea5d9226a560ecaf5b9d251223d08334 /debug_toolbar/templates | |
| parent | c70de6b2d3e2fd3d3bfa5cc15c7dfd4903aa1991 (diff) | |
| download | django-debug-toolbar-85d879803c88aa036934d36977a10b5d28b70aaa.tar.bz2 | |
Adding a SHA-1 hash to the parameters passed to get the EXPLAIN query to avoid
any sort of tampering of the SQL or parameters.
Diffstat (limited to 'debug_toolbar/templates')
| -rw-r--r-- | debug_toolbar/templates/debug_toolbar/panels/sql.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/debug_toolbar/templates/debug_toolbar/panels/sql.html b/debug_toolbar/templates/debug_toolbar/panels/sql.html index 052b36a..e218f22 100644 --- a/debug_toolbar/templates/debug_toolbar/panels/sql.html +++ b/debug_toolbar/templates/debug_toolbar/panels/sql.html @@ -13,7 +13,7 @@ <td>{{ query.time|floatformat:"4" }}</td> <td> {% if query.params %} - <a class="remoteCall" href="/__debug__/sql_explain/?sql={{ query.raw_sql|urlencode }}¶ms={{ query.params|urlencode }}&time={{ query.time|floatformat:"4"|urlencode }}">EXPLAIN</a> + <a class="remoteCall" href="/__debug__/sql_explain/?sql={{ query.raw_sql|urlencode }}¶ms={{ query.params|urlencode }}&time={{ query.time|floatformat:"4"|urlencode }}&hash={{ query.hash }}">EXPLAIN</a> {% endif %} </td> <td class="syntax">{{ query.sql|safe }}</td> |