We are going to restrict our AJAX views to allow only requests generated via AJAX. The Django Request object provides an
is_ajax() method that checks if the request is being made with
XMLHttpRequest, which means it is an AJAX request. This value is set in the
We are going to create a decorator for checking the
HTTP_X_REQUESTED_WITH header in our views. A decorator is a function that takes another function and extends the behavior of the latter without explicitly modifying it. If the concept of decorators is foreign to you, you might like to take a look at https://www.python.org/dev/peps/pep-0318/ before you ...