Handling and securing server functions in an ajax request..python
https://stackoverflow.com/questions/4131327
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Hi I am trying to secure a server function being used for an Ajax request, so that the function is not accessed for any sort of malicious activity. I have done the following till now:-
- I am checking whether a valid session is present while the function is being called.
- I am using POST rather than GET
- I look for specific headers by using request.is_xhr else I induce a redirect.
- I have compressed the javascript using dojo shrinksafe(..i am using dojo..)
What else can and should be done here. Need your expert advice on this.
(NB-I am using Flask and Dojo)
Solution
No any special secure actions required. Consider ajax request as any other client request.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
