I have a Vue 3
frontend site that I want to be able to sign up new users. When the user enters their information into the frontend, the frontend will send a POST
request to the backend which is a Django REST API
. The backend will then create the user.
But how can I verify that the frontend is the Origin sending the request? I would think there would be a problem if someone just set up a script to execute 1000 curl
commands to flood my database with users (although I guess someone could still do this if they set up an automated script to enter information via selenium or something).
Would it be secure for Django to look at the Origin
header when handling the POST
request or can this be forged?
I have also already read the accepted answer here but it did not really answer my question.