Handling and securing server functions in an ajax request..python
문제
Hi I am trying to secure a server function being used for an Ajax request, so that the function is not accessed for any sort of malicious activity. I have done the following till now:-
- I am checking whether a valid session is present while the function is being called.
- I am using POST rather than GET
- I look for specific headers by using request.is_xhr else I induce a redirect.
- I have compressed the javascript using dojo shrinksafe(..i am using dojo..)
What else can and should be done here. Need your expert advice on this.
(NB-I am using Flask and Dojo)
해결책
No any special secure actions required. Consider ajax request as any other client request.
제휴하지 않습니다 StackOverflow