Django community: RSS
This page, updated regularly, aggregates Django links from the Django community.
-
Tightening Django Admin Logins
-
xss - Is Django's built-in security enough? - Information Security Stack Exchange
SQL injection. If you use Django's object-relational mapper (ORM) layer, you are basically protected from SQL injection. The only caveat is that you need to avoid manually forming SQL queries using string concatenation. For instance, do not use raw SQL queries (e.g., raw()). Similarly, do not use the extra() method/modifier to inject raw SQL. Do not execute custom SQL directly; if you bypass Django's ORM layer, you bypass its protections against SQL injection.

CSRF. Django's built-in CSRF protection is good. Make sure you enable it and use it everywhere. Django provides ways to disable it locally or globally; obviously, don't do that. It is important that you make sure that GET requests do not have any side effects. For requests which can have a side-effect, make sure you use a POST request (and do not accept a GET request for those). This is standard web design, but some developers screw it up; Django's built-in CSRF prevention assumes you get this right. There are some caveats if you have subdomains (e.g., your web app is hosted on www.example.com and there is a subdomain alice.example.com that hosts user-controlled content); the built-in CSRF protection might not be sufficient in that case. That's a … -
Using fail2ban with Django
-
Metamon - Vagrant/Ansible toolkit for kickstarting Django apps
https://news.ycombinator.com/item?id=8923131 -
Another shot at this problem ..
-
Table Of Contents — Haystack 2.1.1-dev documentation
-
More on Django FormView - Nam Ngo's blog
-
django-cachalot — django-cachalot 1.0.0rc documentation
-
Understanding decorators - Agiliq Blog | Django web app development
-
Writing your first Django app, part 1 | Django documentation | Django
-
Welcome to Python Social Auth’s documentation! — Python Social Auth documentation
"Python Social Auth aims to be an easy to setup social authentication and authorization mechanism for Python projects supporting protocols like OAuth (1 and 2), OpenId and others." -
laginha/yard
-
Indices and tables — Django Autoslug 1.7 documentation
-
Welcome to django-paypal’s documentation! — django-paypal 0.2 documentation
-
spookylukey/django-paypal
-
DjangoGirls: Teaching programming to women – Crea | Comparte | Inspira
-
django-notifications-hq 0.6.2 : Python Package Index