Handling and securing server functions in an ajax request..python
Question
Hi I am trying to secure a server function being used for an Ajax request, so that the function is not accessed for any sort of malicious activity. I have done the following till now:-
- I am checking whether a valid session is present while the function is being called.
- I am using POST rather than GET
- I look for specific headers by using request.is_xhr else I induce a redirect.
- I have compressed the javascript using dojo shrinksafe(..i am using dojo..)
What else can and should be done here. Need your expert advice on this.
(NB-I am using Flask and Dojo)
Solution
No any special secure actions required. Consider ajax request as any other client request.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow