Login

prevent GET or POST requests

Author:
jerzyk
Posted:
December 11, 2007
Language:
Python
Version:
.96
Score:
-2 (after 6 ratings)

This will return HTTP 405 if request was not POSTed. same way you can forbide POST request, change 'POST' to 'GET'

Decorators provided for your convenience.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
from django.http import HttpResponseNotAllowed

def my_view(request):
    if request.method != 'POST':
        return HttpResponseNotAllowed('Only POST here')


# decorators
def post_only(func):
    def decorated(request, *args, **kwargs):
        if request.method != 'POST':
            return HttpResponseNotAllowed('Only POST here')
        return func(request, *args, **kwargs)
    return decorated

def get_only(func):
    def decorated(request, *args, **kwargs):
        if request.method != 'GET':
            return HttpResponseNotAllowed('Only GET here')
        return func(request, *args, **kwargs)
    return decorated
    

More like this

  1. Template tag - list punctuation for a list of items by shapiromatron 3 months, 1 week ago
  2. JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 3 months, 2 weeks ago
  3. Serializer factory with Django Rest Framework by julio 10 months, 2 weeks ago
  4. Image compression before saving the new model / work with JPG, PNG by Schleidens 11 months ago
  5. Help text hyperlinks by sa2812 11 months, 4 weeks ago

Comments

jerzyk (on December 11, 2007):

django has it's own decorators from django.views.decorators.http import require_http_methods, require_GET, require_POST

#

Please login first before commenting.