Re: parameter, but not in the URL

2011-03-05 Thread pjrhar...@gmail.com
You should definitely be using a POST request - an important aspect of the design of any web application is that get requests should not change server side state, for this exact reason. http://stackoverflow.com/questions/46585/when-do-you-use-post-and-when-do-you-use-get -- You received this mes

Re: AW: parameter, but not in the URL

2011-03-04 Thread Bill Freeman
> -Ursprüngliche Nachricht- > > Von: django-users@googlegroups.com [mailto:django-users@googlegroups.com] Im > Auftrag von Shamail Tayyab > Gesendet: Freitag, 04. März 2011 11:59 > An: django-users@googlegroups.com > Betreff: Re: AW: parameter, but not in the URL > &g

AW: AW: parameter, but not in the URL

2011-03-04 Thread Szabo, Patrick (LNG-VIE)
@googlegroups.com [mailto:django-users@googlegroups.com] Im Auftrag von Shamail Tayyab Gesendet: Freitag, 04. März 2011 11:59 An: django-users@googlegroups.com Betreff: Re: AW: parameter, but not in the URL On 04/03/11 4:08 PM, Eric Abrahamsen wrote: > On Fri, Mar 04 2011, Szabo, Patrick (LNG-

Re: AW: parameter, but not in the URL

2011-03-04 Thread Shamail Tayyab
rs@googlegroups.com [mailto:django-users@googlegroups.com] Im Auftrag von Eric Abrahamsen Gesendet: Freitag, 04. März 2011 10:46 An: django-users@googlegroups.com Betreff: Re: parameter, but not in the URL On Fri, Mar 04 2011, Szabo, Patrick (LNG-VIE) wrote: 127.0.0.1:800/93/1 This would delete

Re: AW: parameter, but not in the URL

2011-03-04 Thread Eric Abrahamsen
> > > -Ursprüngliche Nachricht- > > Von: django-users@googlegroups.com [mailto:django-users@googlegroups.com] Im > Auftrag von Eric Abrahamsen > Gesendet: Freitag, 04. März 2011 10:46 > An: django-users@googlegroups.com > Betreff: Re: parameter, but not in the URL >

AW: parameter, but not in the URL

2011-03-04 Thread Szabo, Patrick (LNG-VIE)
rz 2011 10:46 An: django-users@googlegroups.com Betreff: Re: parameter, but not in the URL On Fri, Mar 04 2011, Szabo, Patrick (LNG-VIE) wrote: > 127.0.0.1:800/93/1 > > > > This would delete an object with the id 93. > > This is very unsecure and once the user notices how t

Re: parameter, but not in the URL

2011-03-04 Thread Eric Abrahamsen
On Fri, Mar 04 2011, Szabo, Patrick (LNG-VIE) wrote: > 127.0.0.1:800/93/1 > > > > This would delete an object with the id 93. > > This is very unsecure and once the user notices how this works he > could delete any object he wants. > > > > How can i make this more secure ?! There's pretty muc

parameter, but not in the URL

2011-03-04 Thread Szabo, Patrick (LNG-VIE)
Hi, Currently i pass all my parameterst hat a views needs over the URL. Eg. 127.0.0.1:800/93/1 This would delete an object with the id 93. This is very unsecure and once the user notices how this works he could delete any object he wants. How can i make this more secure ?! K