在我的主页上,我对每个访问者进行了随机投票。加载主页后,自动 HTTP GET 会触发我的视图为该轮询生成唯一的会话 ID。这是为了确保用户确实在对我在我看来为他们随机生成的投票进行投票,而不是仅仅手动构建他们自己的 HTTP POST 来对他们想要的投票进行投票。
但是,使用初始 HTTP GET,我还将唯一 id 保存到我的数据库中,以便我可以验证他们未来的 POST。如果用户使用 HTTP GET 向我的主页发送垃圾邮件以触发多个数据库写入,这是否会产生安全问题?
我知道 HTTP GET 不应该改变我的应用程序的状态,但现在是否适合 HTTP GET 这样做?如果没有,我将如何解决这个困境?
当我使用 HTTP GET 跨越我的服务器时,我收到以下错误。此错误是来自对我的数据库的过多写入还是其他原因?
Traceback (most recent call last):
File "/usr/lib/python2.7/wsgiref/handlers.py", line 86, in run
self.finish_response()
File "/usr/lib/python2.7/wsgiref/handlers.py", line 127, in finish_response
self.write(data)
File "/usr/lib/python2.7/wsgiref/handlers.py", line 210, in write
self.send_headers()
File "/usr/lib/python2.7/wsgiref/handlers.py", line 268, in send_headers
self.send_preamble()
File "/usr/lib/python2.7/wsgiref/handlers.py", line 195, in send_preamble
self._write('Server: %s\r\n' % self.server_software)
File "/usr/lib/python2.7/socket.py", line 324, in write
self.flush()
File "/usr/lib/python2.7/socket.py", line 303, in flush
self._sock.sendall(view[write_offset:write_offset+buffer_size])
error: [Errno 104] Connection reset by peer
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 58092)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 582, in process_request_thread
self.finish_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 323, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/local/lib/python2.7/dist-packages/django/core/servers/basehttp.py", line 139, in __init__
super(WSGIRequestHandler, self).__init__(*args, **kwargs)
File "/usr/lib/python2.7/SocketServer.py", line 640, in __init__
self.finish()
File "/usr/lib/python2.7/SocketServer.py", line 693, in finish
self.wfile.flush()
File "/usr/lib/python2.7/socket.py", line 303, in flush
self._sock.sendall(view[write_offset:write_offset+buffer_size])
error: [Errno 32] Broken pipe