How to validate the URL if someone changes the name in the URL and updates the form?
Suppose: if I want to update a profile, after clicking on the update button, the URL link will be like below:
URL: http://localhost:8000/profile_edit/sushanth/
I found there is a security loophole here: a person can change the name in the URL and edit another person's profile. How do I close this loophole while updating the form in Django?
Thanks in advance... :)
You just need to check in your view that the user is the correct one.
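    from django.contrib.auth.decorators import login_required
    from django.http import HttpResponseForbidden

    @login_required
    def profile_edit(request, username):
        if username != request.user.username:
            return HttpResponseForbidden()  # 403; HttpResponseNotAllowed is a 405 and needs a methods list
        # ... the normal profile update logic continues here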