Separating GET and POST is normally used for RESTful web programming.  
Which is becoming a very common practice is popular competing frameworks, 
such as Rails.

Personally I would prefer a more "native" way in Django to separate 
GET/POST views.  I guess this could be done via a decorator or something.

Another reason you may want to separate GET/POST is for security.  For 
example, only letting some views accept POST requests, and basically shove 
a big 403 message to users who attempt to POST to a view which otherwise 
shouldn't accept a POST.  I normally limit this using the web server, so 
POST requests will not even reach the web application if the component 
doesn't even accept it.  I always have a mind set that the Internet is 
never safe, and everybody is a hacker.  It's better to be safe, than sorry 
that a malicious POST body reached your application.  An easy way to do 
this on the server is to use a regex mask for views which will accept a 
POST body, such as having an extension of ".do" or ".action".  If the view 
doesn't have this special extension, then only allow GET requests to pass 
through to WSGI.  You can also filter out headers and such on the server to 
further protect your WSGI application from the outside world.  If you don't 
have access to the server's configuration, well, then I'm sure the cloud 
service you deployed to is "safe enough".

On Tuesday, 10 April 2012 18:21:15 UTC-5, John Yeukhon Wong wrote:
>
> 3/4 down the page
> http://www.djangobook.com/en/2.0/chapter08/
>
> urlpatterns = patterns('', # ... (r'^somepage/$', views.method_splitter, 
> {'GET': views.some_page_get, 'POST': views.some_page_post}), # ... )
>
>
> Is this a good practice at all? If I use the method splitter, my urls will 
> look ugly. Or should I just separate based on the length of certain views? 
> (If it's too long, break it into two, or use the delegator)
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/8AwOL9nh7lcJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Reply via email to