2👍
✅
Firstly, this code could be shortened too:
if 'mysite.com' not in request.META.get('HTTP_REFERER', ''):
return redirect('/')
Secondly, HTTP_REFERER is not guaranteed to be present. It might just be users are using bookmarks, or browser autocomplete which will mean the HTTP_REFERER may or may not be present in the cases you are testing.
If a valid user of the site who uses a bookmark will be redirected. Likewise an invalid user who gets referred from somedomain.com/mysite.com will be redirected. In this case it might be better to use a startwith() when checking the referer. Is there not a better way you can manage what you are trying to do.
Maybe you can update the question with a little more context. I will be willing to help you as best as I can.
Source:stackexchange.com