Hi Everyone!
My question is how can I prevent illegal method calls in django web application.
For example, take a method that updates the data of ExampleModel:
def examplemodel_changeform(request, examplemodel_id):
#Here is the source code of model updating...
The ExampleModel, where examplemodel_id=40 will be updated with the posted data. This is what I expect to happen.
But,
Problem No1: Typing the URL above into the address bar of the browser, it will send a GET request.
Problem No2: On the client side there are listed only the "active" ExampleModel items in the application. So the user will update only the active items. But with other tools it is possible to send a POST for non active items.
Which
is the correct django/python way to solve this problem? Do I need to
check all things (GET/POST, status...) on every http request?
Thank you in advance!