EDIT: I mistakenly pasted the wrong link... This is what meant to reference: http://security.stackexchange.com/questions/27805/is-djangos-built-in-security-enough Sorry for the confusion.
On Mon, Apr 11, 2016 at 10:43 AM, Adam Cox <[email protected]> wrote: > Hello, I'm anticipating security-related questions, and I was looking into > what people have to say about Django generally. I'm wondering if an Arches > developer can comment on the subjects raised in this thread: > https://groups.google.com/forum/#!topic/archesproject/sXu6qpMuoAs, > regarding SQL Injection, CRSF, and XSS attacks. I've noticed a couple of > specific things--that a number of model functions have the crsf_exempt > decorator, and that the "|safe" filter is used in the report templates, for > example--but I would appreciate a general rundown of how Arches is a secure > Django application. > > Thanks, > Adam > > -- > -- To post, send email to [email protected]. To unsubscribe, > send email to [email protected]. For more > information, visit https://groups.google.com/d/forum/archesproject?hl=en > --- > You received this message because you are subscribed to the Google Groups > "Arches Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- To post, send email to [email protected]. To unsubscribe, send email to [email protected]. For more information, visit https://groups.google.com/d/forum/archesproject?hl=en --- You received this message because you are subscribed to the Google Groups "Arches Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
