Django security tools


Popular Django security tools

Bleach (sanitizing library for Django)

data sanitizing

Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. It provides a filter for untrusted content and disarms potential unwanted scripts from the input. This may be useful to apply to data that is transmitted via HTML forms or otherwise.

django-guardian (per object permissions for Django)

application security

The django-guardian project is typically used in environments and projects where the default Django permissions are not enough. For example, an application with multiple users and many objects may require detailed permissions on who can see a particular record. This could go as far as giving only the creator of a record (=object) access plus the people with a particular access level.

django-security (Security add-ons for Django)

application security

Django-security is an extension for developers seeking more security measures in their Django project. The toolkit can set or activate particular settings improving security. Examples of these settings include the use of particular HTTP headers that increase the security defenses of the web application.

Part of the toolkit is middleware to enforce password strength, set the do-not-track header, enable content security policy (CSP), enable privacy policy (P3P), limit session…

Missing a favorite tool in this list? Share a tool suggestion and we will review it.

Related topics

Looking for more specific topics within this tool group? Have a look at the following relevant topics.