
tessl-labs/django-security-basics

Security essentials for Django — CSRF, CORS, security middleware, ALLOWED_HOSTS,

99

2.91x
Quality: 99% (Does it follow best practices?)

Impact: 99%, 2.91x (Average score across 2 eval scenarios)

Security by Snyk: Passed, no known issues


Evaluation results

Project Management REST API: 100%, 61%

| Criteria | Without context | With context |
| --- | --- | --- |
| SECURE_SSL_REDIRECT enabled | 0% | 100% |
| HSTS enabled | 0% | 100% |
| CSRF_TRUSTED_ORIGINS configured | 0% | 100% |
| SESSION_COOKIE_SECURE enabled | 0% | 100% |
| SECRET_KEY from environment | 100% | 100% |
| DEBUG is False for production | 100% | 100% |
| ALLOWED_HOSTS configured | 50% | 100% |

User Registration and Login App: 98%, 68%

| Criteria | Without context | With context |
| --- | --- | --- |
| Password validators configured | 100% | 100% |
| CSRF protection in templates | 100% | 100% |
| Session cookie secure and httponly | 0% | 100% |
| CSRF cookie secure | 0% | 100% |
| SECRET_KEY from environment | 0% | 85% |
| SECURE_SSL_REDIRECT enabled | 0% | 100% |
| HSTS enabled | 0% | 100% |
| No sensitive data in logs | 100% | 100% |

Evaluated

Agent: Claude Code

Model: Claude Sonnet 4.6
