Re: [google-appengine] how to restrict the a request from a special page. (or domain)

remember tho that the Referer header is easily faked, so is not really a viable security mechanism. A better way is to use tokens/ hashes or similar, so that you know the request originated from a request on one of your pages (because you where able to create the hash using a known secret) http:/

Re: [google-appengine] how to restrict the a request from a special page. (or domain)

May be you want to use HTTP Referer header. I am not entirely sure if its a good idea to use GET to delete a record. May be you want to consider using POST or if possible DELETE. Thanks. On Sun, Sep 12, 2010 at 10:36 PM, Markanday Singh wrote: > I am i

[google-appengine] how to restrict the a request from a special page. (or domain)

I am implementing GET handler for deleting a record from database, i want to restrict to my domain. i..e I don't want to execute the deletion if request is coming from some other domain or page, how to i do that??? -- You received this message because you are subscribed to the Google Groups "Goo