mirror of https://github.com/django/django.git synced 2025-07-19 17:19:12 +00:00

[1.9.x] Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.

Backport of f6ca63a9f8b3d030097135e096c1041e09c29fd9 from master
Tim Graham 2016-04-06 13:00:38 -04:00
parent 99bec24f99
commit bdbfa1b1f8


@ -273,5 +273,10 @@ security protection of the Web server, operating system and other components.
* Keep your :setting:`SECRET_KEY` a secret.
* It is a good idea to limit the accessibility of your caching system and
database using a firewall.
* Take a look at the Open Web Application Security Project (OWASP) `Top 10
list`_ which identifies some common vulnerabilities in web applications. While
Django has tools to address some of the issues, other issues must be
accounted for in the design of your project.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
.. _Top 10 list: https://www.owasp.org/index.php/Top_10_2013-Top_10
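
Review bot: The `.. _Top 10 list:` target at the end of the hunk is pinned to the 2013 edition (`Top_10_2013-Top_10`), while the bullet text just says "Top 10 list" with no year, so the link will silently go stale once OWASP revises the list. Either name the edition in the bullet text or point the target at an edition-independent OWASP page. Separately, "Django has tools to address some of the issues" does not say which ones; cross-referencing the sections of this guide that cover them would tell readers which issues are left to project design.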