Hi am having an API url when a user submits the page, URL will be called and POSTED data will be saved in DB through tastypie api.
My question here is,
Am not using credentials while POSting data since it is a form submission, so when an intruder comes to know about my API url and data to be posted he can post bulk amount of data to my DB and crash it,right?
How to prevent this or it is already prevented by any measure,Please Explain.
Thanks.
If you need to allow people to POST with no auth, then there is nothing you can do to prevent someone just POSTing random data. What you can do is throttling the user so they don't post that much data.
http://django-tastypie.readthedocs.org/en/latest/throttling.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.