SCG WF Django

From OWASP
Jump to: navigation, search
This article is part of the OWASP Secure Configuration Guide.
Back to the OWASP Secure Configuration Guide ToC: https://www.owasp.org/index.php/Secure_Configuration_Guide Back to the OWASP Secure Configuration Guide Project: https://www.owasp.org/index.php/OWASP_Secure_Configuration_Guide


Summary

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Built by experienced developers, it takes care of much of the hassle of Web development, so you can focus on writing your app without needing to reinvent the wheel. It’s free and open source.

Common Misconfigurations

Django designed to automatically protect you from many of the common security mistakes that new (and even experienced) Web developers make. Django takes security seriously and helps developers avoid many common security mistakes. In most cases, security errors caused by deficiencies in the configuration. The official documentation contains detailed information about the dangers that await you in the use of the framework. For test and remediation common misconfigurations you can use a great checklist:

How to test

To automatically check you can use online services, such as:

or python packages, such as:

References

https://docs.djangoproject.com/en/1.7/topics/security/