[Solved] Why is it important to avoid using 'unsafe-inline' in your Django Content Security Policy? — Ans: Because it disables the protection against cross-site scripting attacks | Django

Django - Security Best Practices

Why is it important to avoid using 'unsafe-inline' in your Django Content Security Policy?

ABecause it prevents loading external images

BBecause it causes the website to load slower

CBecause it disables the protection against cross-site scripting attacks

DBecause it breaks user authentication

Step-by-Step Solution

Solution:

Step 1: Understand 'unsafe-inline' effect
Using 'unsafe-inline' allows any inline scripts, removing CSP's protection against malicious scripts.
Step 2: Recognize security risk
This makes the site vulnerable to cross-site scripting (XSS) attacks.
Final Answer:
Because it disables the protection against cross-site scripting attacks -> Option C
Quick Check:
'unsafe-inline' disables XSS protection = Because it disables the protection against cross-site scripting attacks [OK]

Quick Trick: Avoid 'unsafe-inline' to keep XSS protection active [OK]

Common Mistakes:

MISTAKES

Master "Security Best Practices" in Django

9 interactive learning modes - each teaches the same concept differently

More Django Quizzes

Why is it important to avoid using 'unsafe-inline' in your Django Content Security Policy?