Django

Django Security

CSRF protection, XSS prevention, SQL injection, clickjacking, HTTPS, security middleware, best practices

22 interview questions · Mid-Level
1

What is the main purpose of the CSRF token in Django?

Answer

The CSRF token protects against Cross-Site Request Forgery attacks, in which a malicious site causes the browser of an authenticated user to send requests to your application on that user's behalf. Django generates a unique token per session and verifies that it is present and valid on POST forms. This prevents attackers from forging requests, since they cannot guess the random token.

2

How to include the CSRF token in a Django form?

Answer

The {% csrf_token %} template tag automatically renders a hidden input field containing the CSRF token. It must be placed inside the form tag of every form submitted via POST. Django then verifies the token in CsrfViewMiddleware. Without this tag, the submission is rejected with a 403 Forbidden response.

3

Which decorator allows exempting a view from CSRF verification?

Answer

The csrf_exempt decorator disables CSRF protection for a specific view. It is useful for external API endpoints whose clients cannot obtain a CSRF token. However, its use should be limited, because it leaves the view exposed to CSRF attacks. For APIs, token-based authentication is preferred.

4

How does Django automatically protect against XSS attacks in templates?

5

Which template filter allows displaying unescaped HTML content in Django?

+19 more interview questions
