Is it possible to restrict url access from application only in Django REST

337 views Asked by At

I have Web application with angular as frontend and Django REST as backend.

My web application does the request like

/api/options/user?filter={}

Now is it possible that if those requests are made from application then they go through but they type that in broswer directly and edit some filters then they don't work

Although the data is not sensitive and they can still see it via console but i just don't want them to play with it or at least make it hard

1

There are 1 answers

0
Scott Hunter On BEST ANSWER

You can't rely on the URL to distinguish between the two cases. You could have your application provide information in the headers of the request, which a browser would not know, but someone writing their own application could mimic your technique.