On 18 déc, 23:20, Taylor <[email protected]> wrote: > I'm working on a game in Django where the majority of the interaction > comes through clicks that run JavaScript methods that use jQuery's > $.post() to post data to a url. To protect against cheaters and bots, > I must ensure that every post is made by a logged-in user and protect > against cross-site scripting, and I certainly don't want any injection > attacks. I know Django has many protections against these built in, > but since most of my requests come through AJAX posts rather than URL > requests or form submissions, I was wondering what steps I need to > take to fully protect myself.
Nothing more. From the server's POV, this makes absolutely no difference - all it sees are HTTP requests, period. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
