There should be a section in the "Security in Django" about this.
--
Ticket URL: <https://code.djangoproject.com/ticket/26464>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* needs_better_patch: => 0
* needs_tests: => 0
* needs_docs: => 0
Comment:
As the introduction says, "This document is an overview of Django’s
security features". How would you frame this issue as one of Django's
features?
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:1>
Comment (by CrazyPython):
> It includes advice on securing a Django-powered site.
Maybe include it in "Additional security Topics"?
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:2>
* easy: 1 => 0
Comment:
I've raised some ideas about this on the
[https://groups.google.com/d/topic/django-
developers/_Z6ZufcOmps/discussion django-developers mailing list].
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:3>
* has_patch: 0 => 1
* stage: Unreviewed => Accepted
Comment:
The discussion on the mailing list concluded to to add a link to the OWASP
Top 10: [https://github.com/django/django/pull/6425 PR].
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:4>
* stage: Accepted => Ready for checkin
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:5>
Comment (by Tim Graham <timograham@…>):
In [changeset:"f6ca63a9f8b3d030097135e096c1041e09c29fd9" f6ca63a9]:
{{{
#!CommitTicketReference repository=""
revision="f6ca63a9f8b3d030097135e096c1041e09c29fd9"
Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:6>
Comment (by Tim Graham <timograham@…>):
In [changeset:"bdbfa1b1f81536642cb4518877bdb4ecd18e83b7" bdbfa1b1]:
{{{
#!CommitTicketReference repository=""
revision="bdbfa1b1f81536642cb4518877bdb4ecd18e83b7"
[1.9.x] Refs #26464 -- Added a link to OWASP Top 10 in security topic
guide.
Backport of f6ca63a9f8b3d030097135e096c1041e09c29fd9 from master
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:7>
* status: new => closed
* resolution: => fixed
--
Ticket URL: <https://code.djangoproject.com/ticket/26464#comment:8>