|
Raphaël B.
nashii at gmail.com
Sat Jan 30 13:13:18 EST 2010
2010/1/30 Eric Strand <estrand at isomedia.com> > > Check out the "method" member of the request object documented here: > > http://www.modpython.org/live/current/doc-html/pyapi-mprequest-mem.html > > --Eric > It works if we want to know the global method to load the webpage, but not to know which field is "posted" and which other is "getted" ! I would like to split the two kinds of submissions ! Is this possible ? Thanks for your answer ;) Le 30 janvier 2010 02:29, Clodoaldo Neto <clodoaldo.pinto at gmail.com> a écrit : > > What do you mean by "protect our form"? Although it takes more work to > fake a posted form than to fake a geted form it is not worth to even > think about it in terms of security. It is much saner to just to use > the post/get semantics: if it will not change the state of the > universe then it is a get, otherwise it is a post. > > Regards, Clodoaldo If it's not really a "protection", it's a way to be sure that the form was submitted by the right way, and I prefer. In fact, I would like to be sure that all of the data that are obtained are from my form ! Regards, Raphaël -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mm_cfg_has_not_been_edited_to_set_host_domains/pipermail/mod_python/attachments/20100130/8adef17b/attachment.html
|