尽量不要使用send_file()
,而使用send_from_directory
,后者限定了文件夹,更安全
flask.send_file(filename_or_fp, mimetype=None, as_attachment=False, attachment_filename=None, add_etags=True, cache_timeout=None, conditional=False, last_modified=None)
参数 | 说明 |
---|---|
filename_or_fp | 需要发送的文件 |
mimetype | the mimetype of the file if provided. If a file path is given, auto detection happens as fallback, otherwise an error will be raised. |
as_attachment | et to True if you want to send this file with a Content-Disposition: attachment header. |
attachment_filename | the filename for the attachment if it differs from the file’s filename. |
add_etags | set to False to disable attaching of etags. |
conditional | set to True to enable conditional responses. |
cache_timeout | the timeout in seconds for the headers. |
last_modified |
flask.send_from_directory(directory, filename, **options)
参数 | 描述 |
---|---|
directory | the directory where all the files are stored. |
filename | the filename relative to that directory to download. |
options | optional keyword arguments that are directly forwarded to send_file(). |
参考文献:
http://flask.pocoo.org/docs/0.12/api/#flask.send_from_directory
https://stackoverflow.com/questions/38252955/flask-when-to-use-send-file-send-from-directory?r=SearchResults