The popular and well-regarded Django framework has been around since 2005. It is compatible with any 2.x Python from 2.4 onward, though 2.7 is recommended. The Django engineers are particularly sensitive to compatibility issues, so if a new release of Python adds a feature unavailable to earlier Django versions, engineers on the Django project will either modify code or release a library to make support in older Python versions transparent.
Django ships with all the pieces you need to build a Web application, requiring minimal installation of separate components. The framework includes an ORM (object-relational mapping layer), a template library, a forms library, an URL dispatch mechanism, an administration interface, and other support libraries and useful applications. When you install Django, all that's missing is an external RDBMS, and configuring a connection to a database is simple.
The framework has out-of-the-box protection for most common Web attacks; XSS (cross-site scripting), CSRF (cross-site request forgeries), and SQL injection top the list. In fact, Django's "by default" security features were given a tip of the hat by the Rails community when it introduced XSS protection in Ruby on Rails 3.
This story, "Pillars of Python: Django Web framework" was originally published by InfoWorld.