Thanks for your suggestions. As said, I would surely have underlying
security to actually protect the private data at the object level. My
questions was simply to make the URLs look less object like (in order
to make naiv users feel more safe as well). Using slugs/GUIDs seems to
be a way forward.
Thanks for the feedback. Yes I do implement object level security (so
not security by obscurity), but just wanted to make it less object ID
lookalike to the naive user (who may feel that the system is not
secure). Slugs with GUID seems like a good option.
Steinar
On Nov 12, 12:38 pm, Mike Ramirez
On Thursday 12 November 2009 02:48:35 Mike Ramirez wrote:
> urlpatterns = patterns('', url(r'^portfolios/(?P[\w-]+$',
> 'portfolio.views.load_details', name='details'),
>
Typo fixes:
urlpatterns += patterns('', url(r'^portfolios/(?P[\w-]+)$',
'portfolio.views.load_details', name='details'), )
On Thu, Nov 12, 2009 at 7:51 AM, Steinar Rune Eriksen wrote:
>
> (r'^portfolio/(\d{2})/$', 'portfolios.views.load_details'),
> /portfolio/3/
>
> In template the URL would be {% url portfolios.views.load_details
> portfolio.pk %}
>
> Let's say the logged in user has created 2 portfolios, given pri
On Nov 12, 9:51 am, Steinar Rune Eriksen
wrote:
> I have not used Django in external environments before, just Intranet
> applications.
>
> I am wondering how to mask URLs so that object IDs are not shown?
> Obviously one would create security on the server to check if a user
> has access to view
On 12 nov, 10:51, Steinar Rune Eriksen wrote:
> I have not used Django in external environments before, just Intranet
> applications.
>
> I am wondering how to mask URLs so that object IDs are not shown?
> Obviously one would create security on the server to check if a user
> has access to view a
On Thursday 12 November 2009 01:51:26 Steinar Rune Eriksen wrote:
> I have not used Django in external environments before, just Intranet
> applications.
>
> I am wondering how to mask URLs so that object IDs are not shown?
> Obviously one would create security on the server to check if a user
> h
I have not used Django in external environments before, just Intranet
applications.
I am wondering how to mask URLs so that object IDs are not shown?
Obviously one would create security on the server to check if a user
has access to view a particular object, but the fact that IDs are
siaplayed in
8 matches
Mail list logo
