Abstract

Today information security has become one of the most important parts of our social media life. Social and media resources are based on web services in the cloud, which means that the security of web services amounts to the security of people's social, media, data and information. This paper focuses on the security techniques and tools built into Django, the most popular web framework for the Python programming language. Django has several strong design patterns and techniques, with dedicated tools for storing and sending users' data securely. A developer can easily install additional tools and libraries in a Django application to make the web application more secure. Django provides such extremely useful instruments as the Django ORM, CSRF tokens, XSS protection and many others. For example, the Django ORM (Object-Relational Mapping) is a powerful instrument for protection against attacks such as SQL injection. As another instance, the CSRF token (cross-site request forgery token) is Django's internal tool against cross-site request forgery attacks, which Django uses in HTML templates. Best practices and good examples of these tools are shown in this paper. Moreover, the paper compares different attack cases and analyses them in depth, together with the methods of protection against these attacks offered by Django's tools and techniques. We also briefly review other types of vulnerabilities and methods of protection against them, and hope this article gives an understanding of Django's security techniques. Finally, Django could become more secure with each new version.
