Are Django sessions safe for use in mission critical registration forms?

What is the best practice when developing a critical registration form when it comes to using Django-supported sessions?

  • Is it generally considered required that a user accept a session cookie?
  • Are there any tips to maximize the percentage of users who can accept session cookies?
2 answers

We used Django for this for almost 3 years and had zero problems. Of course, you want to start with a form on an HTTPS page, not just submit to HTTPS - it makes people feel safer.

Django does not play the cookie-in-URL game like some PHP platforms, so if the user does not accept cookies, it will not work.

Do not forget that if you have all this confidential data, you must process it correctly. We only store the last 4 digits in the online database and for verification purposes only. Everything else is managed through connecting the back door to a separate company that manages the subscription for us.

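The two points in the answer above (serve the form page itself over HTTPS, and Django keeps the session only in a cookie) correspond to a handful of Django settings. The following is an added example, not part of either answer: the setting names are Django's, while the `WEAK` and `HARDENED` dictionaries and the `audit_session_settings` helper are constructed for illustration.

```python
# Constructed sample: session-related settings as an unhardened project has them.
WEAK = {
    "SESSION_COOKIE_SECURE": False,    # cookie also sent over plain HTTP
    "SESSION_COOKIE_HTTPONLY": True,
    "SESSION_COOKIE_SAMESITE": "Lax",
    "CSRF_COOKIE_SECURE": False,
    "SECURE_SSL_REDIRECT": False,      # form page reachable over HTTP
    "SECURE_HSTS_SECONDS": 0,
}

# The same settings for a registration flow served entirely over HTTPS.
HARDENED = {
    **WEAK,
    "SESSION_COOKIE_SECURE": True,
    "CSRF_COOKIE_SECURE": True,
    "SECURE_SSL_REDIRECT": True,
    "SECURE_HSTS_SECONDS": 31536000,   # one year
}

# (setting name, predicate for an acceptable value, risk if it fails)
RULES = [
    ("SESSION_COOKIE_SECURE", lambda v: v is True,
     "session cookie can travel over plain HTTP"),
    ("SESSION_COOKIE_HTTPONLY", lambda v: v is True,
     "session cookie is readable from page JavaScript"),
    ("SESSION_COOKIE_SAMESITE", lambda v: v in ("Lax", "Strict"),
     "session cookie is sent on cross-site requests"),
    ("CSRF_COOKIE_SECURE", lambda v: v is True,
     "CSRF cookie can travel over plain HTTP"),
    ("SECURE_SSL_REDIRECT", lambda v: v is True,
     "the form page itself can be loaded over HTTP"),
    ("SECURE_HSTS_SECONDS", lambda v: type(v) is int and v > 0,
     "browsers are not told to stay on HTTPS"),
]


def audit_session_settings(settings):
    """Return (name, risk) for every rule the given mapping fails.

    A key absent from the mapping is reported too, because this helper
    only sees what it is passed and does not apply Django's defaults.
    """
    return [(name, risk) for name, ok, risk in RULES
            if name not in settings or not ok(settings[name])]
```

Django's own `manage.py check --deploy` reports several of these settings on a real project.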

Do not try to use credit cards in your application. There are all kinds of security issues. Go to one of the companies that specialize in this area - I have successfully used RBS Worldpay, but there are many others, and they all exhibit good APIs.


Source: https://habr.com/ru/post/1302299/