Tutorial by Examples

XSS attacks consist of injecting HTML (or JS) code into a page. See What is cross site scripting for more information. To prevent this attack, Django by default escapes strings passed through a template variable. Given the following context: context = { 'class_name': 'large" style=&...
Clickjacking is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on. To enable clickjacking protection, add the XFrameOptionsMiddleware to your middleware classes. This should already be there if you didn...
Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts. To enable CSRF protection, add the CsrfViewMid...
