
A developer tries to fix a security warning by adding @csrf_exempt to a Django view. What is the impact?

medium📝 Debug Q7 of 15
Django - Security Best Practices
A. It forces HTTPS for that view
B. It enables extra CSRF protection automatically
C. It fixes SQL injection vulnerabilities
D. It disables CSRF protection for that view, increasing risk
Step-by-Step Solution
Solution:
  1. Step 1: Understand what @csrf_exempt does

    This decorator disables CSRF protection on the decorated view.
  2. Step 2: Identify security consequences

    Disabling CSRF protection increases the risk of cross-site request forgery attacks on that view.
  3. Final Answer:

    It disables CSRF protection for that view, increasing risk -> Option D
  4. Quick Check:

    @csrf_exempt disables CSRF, raising risk
Quick Trick: Avoid @csrf_exempt unless absolutely necessary
Common Mistakes:
  • Thinking @csrf_exempt adds protection
  • Confusing CSRF with SQL injection fixes
  • Assuming it forces HTTPS
