[Django]-Is data in Django’s request.POST object sanitised, at least enough for direct use in an ORM query?

8👍

request.POST itself is not sanitized, but the Django ORM automatically sanitizes anything you throw at it, so yes, it’s safe to simply pass it right to the ORM. Just be careful with using raw or extra.
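As an added illustration (not part of the original answer), the Python below uses sqlite3 directly, so it runs without Django, to show the parameter binding that the ORM performs for you and that raw(sql, params) expects; the table name app_user, the make_db helper and the request.POST-like dicts are constructed for the demo.

```python
import sqlite3


def make_db():
    # Constructed in-memory table standing in for a Django model's table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE app_user (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO app_user (username) VALUES (?)",
                     [("alice",), ("bob",), ("carol",)])
    return conn


def unsafe_lookup(conn, post):
    # The mistake the answer warns about: building the SQL text yourself from
    # request.POST data, as happens when raw()/extra() are fed a formatted string.
    sql = "SELECT username FROM app_user WHERE username = '%s'" % post["username"]
    return [row[0] for row in conn.execute(sql)]


def safe_lookup(conn, post):
    # What the ORM does for you: the value travels as a bound parameter and is
    # never spliced into the SQL text. raw(sql, params) binds the same way.
    sql = "SELECT username FROM app_user WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (post["username"],))]


if __name__ == "__main__":
    conn = make_db()
    normal = {"username": "bob"}            # constructed stand-in for request.POST
    hostile = {"username": "x' OR '1'='1"}  # constructed: a quote in user input
    print(unsafe_lookup(conn, normal), safe_lookup(conn, normal))
    print(unsafe_lookup(conn, hostile))  # every row: the quote closed the literal
    print(safe_lookup(conn, hostile))    # []: treated as a plain string
```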
