Home/ Questions/Q 6016477
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T02:59:17+00:00

HI, I want to validate my urls whether they are post or get with

  • 0

HI,

I want to validate my urls whether they are post or get with caring the proper data.So i want to validate these urls before they call to respective views.So i am willing to write the some kind of middleware between view and urls so that i can keep safe the system.I am not aware how do i pass the data through middleware code to view.In middle ware i will write the unittest code.which will validate the urls if valid then will pass to the respective view other wise happy to say 404 .So can any buddy suggest me how do i handle the case.Or may be their is another alternative best way to do this validation.

Thanks to all.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should really be checking for request type in your views, and not in a middleware. As I mentioned in the comments above, you can’t tell whether a request is a POST message from the URL alone, let alone determine what POST data it carries.

    Checking the request type within a view is very straight-forward — simple check that request.method is equal to "GET" or "POST".

    If you’re doing this often, a short cut would be to create a decorator which does this check for you. For example, the following decorator checks that a GET request was used to call this view, or else return an HttpResponseBadRequest object (status code 400):

    # untested code, use with care
def require_GET(view_func):
    def wrap(request, *args, **kwargs):
        if request.method != "GET":
            return HttpResponseBadRequest("Expecting GET request")
        return view_func(request, *args, **kwargs)
    wrap.__doc__ = view_func.__doc__
    wrap.__dict__ = view_func.__dict__
    wrap.__name__ = view_func.__name__
    return wrap

    You can then simply prepend your view function with @require_GET and the check will be done whever the view is called. E.g.

    @require_GET
def your_view(request):
    # ...

    You can do the same for POST.

    Here’s an example decorator checking for POST request which takes an optional list of fields that must be provided with the POST request.

    # again, untested so use with care.
def require_POST(view_func, required_fields=None):
    def wrap(request, *args, **kwargs):
        if request.method != "POST":
            return HttpResponseBadRequest("Expecting POST request")
        if required_fields:
            for f in required_fields:
                if f not in request.POST:
                    return HttpResponseBadRequest("Expecting field %s" % f)
        return view_func(request, *args, **kwargs)
    wrap.__doc__ = view_func.__doc__
    wrap.__dict__ = view_func.__dict__
    wrap.__name__ = view_func.__name__
    return wrap

    Use like this:

    @require_POST
def another_view(request):
    # ...

    or:

    @require_POST(required_fields=("username", "password"))
def custom_login_view(request):
    # ...

    Update

    OK, my bad. I’ve just reinvented wheel.

    Django already provides the @require_GET and @require_POST decorators. See django.views.decorators.http.

    • 0