To see if you're vulnerable to these attacks and others, use the django-secure package:

http://pypi.python.org/pypi/django-secure

Awesome work! Glad they added Paul to the core Django development team.

"The first three security issues above were all reported to us by Paul McMillan, who -- due to his prolific work on identifying and helping to mitigate security issues in Django -- has now been added to the Django core development team. The patches for the above issues were also developed primarily by Paul."

This is one reason why Django is awesome.