Is it safe to use url link to sort table rows using Django for backend?
I was asking my supervisor for an opinion to sort rows of a table.
When a table head column is clicked, I basically change the url to: /?order_by=price
then check
if url == /?order_by=price:
Inventory.objects.order_by('price')
He told me I could do this in frontend with css,because if someone enters a bad input or injects smth, they can access my whole table.
Is the backend logic with Django good for this problem, or should I do it as he said?