Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Django: Core
  • Table Of Contents Toc
Mastering Django: Core

Mastering Django: Core

By : Nigel George
Buy this Book
close
close
Mastering Django: Core

Mastering Django: Core

By: Nigel George
Buy this Book

Overview of this book

Mastering Django: Core is a completely revised and updated version of the original Django Book, written by Adrian Holovaty and Jacob Kaplan-Moss - the creators of Django. The main goal of this book is to make you a Django expert. By reading this book, you’ll learn the skills needed to develop powerful websites quickly, with code that is clean and easy to maintain. This book is also a programmer’s manual that provides complete coverage of the current Long Term Support (LTS) version of Django. For developers creating applications for commercial and business critical deployments, Mastering Django: Core provides a complete, up-to-date resource for Django 1.8LTS with a stable code-base, security fixes and support out to 2018.
Table of Contents (29 chapters)
close
close
close
Preface
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Introduction to Django and Getting Started
Icon
Introducing Django
Icon
What's next?
2
2. Views and URLconfs
Icon
2. Views and URLconfs
Icon
Your first Django-powered page: Hello World
Icon
Your second view: dynamic content
Icon
URLconfs and loose coupling
Icon
Your third view: dynamic URLs
Icon
Django's pretty error pages
Icon
What's next?
3
3. Templates
Icon
3. Templates
Icon
Template system basics
Icon
Using the template system
Icon
Dictionaries and contexts
Icon
Basic template-tags and filters
Icon
Philosophies and limitations
Icon
Using templates in views
Icon
Template loading
Icon
render()
Icon
Template subdirectories
Icon
The include template tag
Icon
Template inheritance
Icon
What's next?
4
4. Models
Icon
4. Models
Icon
The "dumb" way to do database queries in views
Icon
Configuring the database
Icon
Your first app
Icon
Defining Models in Python
Icon
Basic data access
Icon
What's next?
5
5. The Django Admin Site
Icon
5. The Django Admin Site
Icon
Using the admin site
Icon
Adding your models to the admin site
Icon
Making fields optional
Icon
Customizing field labels
Icon
Custom model admin classes
Icon
Users, groups, and permissions
Icon
When and why to use the admin interface-and when not to
Icon
What's next?
6
6. Forms
Icon
6. Forms
Icon
Getting data from the Request Object
Icon
A simple form-handling example
Icon
Improving our simple form-handling example
Icon
Simple validation
Icon
Making a contact form
Icon
Tying form objects into views
Icon
Changing how fields are rendered
Icon
Setting a maximum length
Icon
Setting initial values
Icon
Custom validation rules
Icon
Specifying labels
Icon
Customizing form design
Icon
What's next?
7
7. Advanced Views and URLconfs
Icon
7. Advanced Views and URLconfs
Icon
URLconf Tips and Tricks
Icon
Performance
Icon
Error handling
Icon
Including other URLconfs
Icon
Passing extra options to view functions
Icon
Reverse resolution of URLs
Icon
Naming URL patterns
Icon
URL namespaces
Icon
What's next?
8
8. Advanced Templates
Icon
8. Advanced Templates
Icon
Template language review
Icon
Requestcontext and context processors
Icon
Guidelines for writing our own context processors
Icon
Automatic HTML escaping
Icon
Inside Template loading
Icon
Extending the template system
Icon
Custom template tags and filters
Icon
Advanced custom template tags
Icon
What's next
9
9. Advanced Models
Icon
9. Advanced Models
Icon
Related objects
Icon
Managers
Icon
Model methods
Icon
Executing raw SQL queries
Icon
Performing raw queries
Icon
Executing custom SQL directly
Icon
What's next?
10
10. Generic Views
Icon
10. Generic Views
Icon
Generic views of objects
Icon
Making "friendly" template contexts
Icon
Adding extra context
Icon
Viewing subsets of objects
Icon
Dynamic filtering
Icon
Performing extra work
Icon
What's next?
11
11. User Authentication in Django
Icon
11. User Authentication in Django
Icon
Overview
Icon
Using the Django authentication system
Icon
User objects
Icon
Permissions and authorization
Icon
Authentication in web requests
Icon
Authentication views
Icon
Authenticating data in templates
Icon
Managing users in the admin
Icon
Password management in Django
Icon
Customizing authentication in Django
Icon
Custom permissions
Icon
Extending the existing user model
Icon
Substituting a custom user model
Icon
What's next?
12
12. Testing in Django
Icon
Introduction to testing
Icon
Introducing automated testing
Icon
Basic testing strategies
Icon
Writing a test
Icon
Creating a test
Icon
Running tests
Icon
Testing tools
Icon
The test database
Icon
Using different testing frameworks
Icon
What's next?
13
13. Deploying Django
Icon
13. Deploying Django
Icon
Preparing your codebase for production
Icon
Critical settings
Icon
Environment-specific settings
Icon
HTTPS
Icon
Performance optimizations
Icon
Error reporting
Icon
Using a virtualenv
Icon
Using different settings for production
Icon
Deploying Django to a production server
Icon
Deploying Django with Apache and mod_wsgi
Icon
Serving static files in production
Icon
Scaling
Icon
Performance tuning
Icon
What's next?
14
14. Generating Non-HTML Content
Icon
14. Generating Non-HTML Content
Icon
The basics: views and MIME types
Icon
Producing CSV
Icon
Using the template system
Icon
Other text-based formats
Icon
Generating PDF
Icon
Install ReportLab
Icon
Write your view
Icon
Complex PDF's
Icon
Further resources
Icon
Other possibilities
Icon
The syndication feed framework
Icon
The high-level framework
Icon
The low-level framework
Icon
The Sitemap framework
Icon
What's next?
15
15. Django Sessions
chevron up
Icon
15. Django Sessions
Icon
Enabling sessions
Icon
Configuring the session engine
Icon
Using Sessions in Views
Icon
Session object guidelines
Icon
Session serialization
Icon
Setting test cookies
Icon
Using sessions out of views
Icon
When sessions are saved
Icon
Browser-length sessions vs. persistent sessions
Icon
Clearing the session store
Icon
What's next
16
16. Djangos Cache Framework
Icon
16. Djangos Cache Framework
Icon
Setting up the cache
Icon
The per-site cache
Icon
The per-view cache
Icon
Template fragment caching
Icon
The low-level cache API
Icon
Downstream caches
Icon
Using vary headers
Icon
Controlling cache: using other headers
Icon
What's next?
17
17. Django Middleware
Icon
17. Django Middleware
Icon
Activating middleware
Icon
Hooks and application order
Icon
Writing your own middleware
Icon
Available middleware
Icon
Middleware ordering
Icon
What's next?
18
18. Internationalization
Icon
18. Internationalization
Icon
Definitions
Icon
Translation
Icon
Internationalization: in Python code
Icon
Internationalization: In template code
Icon
Internationalization: In Javascript code
Icon
Internationalization: In URL patterns
Icon
Localization: How to create language files
Icon
Explicitly setting the active language
Icon
Using translations outside views and templates
Icon
Implementation notes
Icon
What's next?
19
19. Security in Django
Icon
19. Security in Django
Icon
Django's built in security features
Icon
Additional security tips
20
20. More on Installing Django
Icon
20. More on Installing Django
Icon
Running other databases
Icon
Installing Django manually
Icon
Upgrading Django
Icon
Installing a Distribution-specific package
Icon
Installing the development version
Icon
What's next?
21
21. Advanced Database Management
Icon
21. Advanced Database Management
Icon
General notes
Icon
postgreSQL notes
Icon
MySQL notes
Icon
SQLite notes
Icon
Oracle notes
Icon
Using a 3rd-Party database backend
Icon
Integrating Django with a legacy database
Icon
What's next?
22
A. Model Definition Reference
Icon
A. Model Definition Reference
Icon
Fields
Icon
Universal field options
Icon
Field attribute reference
Icon
Relationships
Icon
Model metadata options
23
B. Database API Reference
Icon
B. Database API Reference
Icon
Creating objects
Icon
Saving changes to objects
Icon
Retrieving objects
Icon
Complex lookups with Q objects
Icon
Comparing objects
Icon
Deleting objects
Icon
Copying model instances
Icon
Updating multiple objects at once
Icon
Related objects
Icon
Falling back to raw SQL
24
C. Generic View Reference
Icon
C. Generic View Reference
Icon
Common arguments to generic views
Icon
Simple generic views
Icon
List/detail generic views
Icon
Date-Based Generic Views
Icon
Form handling with class-based views
25
D. Settings
Icon
D. Settings
Icon
What's a settings file?
Icon
Using settings in Python code
Icon
Altering settings at runtime
Icon
Security
Icon
Creating your own settings
Icon
DJANGO_SETTINGS_MODULE
Icon
Using settings without setting DJANGO_SETTINGS_MODULE
Icon
Available settings
26
E. Built-in Template Tags and Filters
Icon
E. Built-in Template Tags and Filters
Icon
Built-in tags
Icon
Built-in filters
Icon
Internationalization tags and filters
Icon
Other tags and filters libraries
27
F. Request and Response Objects
Icon
F. Request and Response Objects
Icon
HttpRequest objects
Icon
QueryDict objects
Icon
HttpResponse objects
Icon
JsonResponse Objects
Icon
StreamingHttpResponse objects
Icon
FileResponse objects
Icon
Error views
Icon
Customizing error views
28
G. Developing Django with Visual Studio
Icon
G. Developing Django with Visual Studio
Icon
Installing Visual Studio
Icon
Creating A Django project
Icon
Django development in Visual Studio

Session serialization

Before version 1.6, Django defaulted to using pickle to serialize session data before storing it in the backend. If you're using the signed cookie session backend and SECRET_KEY is known by an attacker (there isn't an inherent vulnerability in Django that would cause it to leak), the attacker could insert a string into their session which, when unpickled, executes arbitrary code on the server. The technique for doing so is simple and easily available on the internet.

Although the cookie session storage signs the cookie-stored data to prevent tampering, a SECRET_KEY leak immediately escalates to a remote code execution vulnerability. This attack can be mitigated by serializing session data using JSON rather than pickle. To facilitate this, Django 1.5.3 introduced a new setting, SESSION_SERIALIZER, to customize the session serialization format. For backwards compatibility, this setting defaults to using django.contrib.sessions.serializers.PickleSerializer in...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mastering Django: Core
End of Section 15
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon