Dan Poirier wrote an article on the Caktus Group blog about common web site security vulnerabilities. In it he talked about the CSRF protection in Django. Although he is right about a CSRF token having to be part of the POST request, this is not the entire story.
Articles tagged as “django”
There are several technologies (in the Python world) to have isolated environments for projects. In this article I will describe how we use Virtualenv, Buildout and Docker for a project I’m working on at Fox-IT.
To introduce a coworker to our project and Django in general, I suggested that he try PyCharm, a Python IDE. One of the (many) nice things about PyCharm is that you can easily jump to the place where something is declared—ideal for exploring a project.
Django offers useful classes to easily send email. It is also easy to add attachments to emails. I did have to puzzle a bit to get embedded images working. This article describes the way I do it now. I will first describe the most important elements and then I will show a more complete example.
Since April 2012 we have been using Whiskers to store information about our Plone and Django buildouts. But when I moved the setup behind SSL, the browser started to complain about unsafe content.
In this article I share the podcasts I listen to on my daily commute.
Several Pythonistas switched to a static blog this year. If you are also looking into static blog engines, give Acrylamid a go.
As of today I am using Disqus for comments on this site. This meant that I had to migrate the old comments (which used django.contrib.comments) to Disqus. Here’s a short description of how I did this.
Last year I participated in a deployment knowledge sharing session and I started implementing changes at my company pretty soon after. The result is that we are using Puppet for some parts of our server configuration. We also added Munin to our monitoring toolset (and I used Puppet to deploy Munin and manage its configuration). But an important piece that was still missing in our setup was an overview of which packages we use in the buildouts of our clients and more specifically which version each client uses.
Are you using a jQuery plugin, for instance jQuery UI, to spice up the Django admin site? Then you might get either an error like “foo is not a function” (Firebug) or “Object … has no method foo” (Chrome Developer Tools). Confused because foo should be defined in the plugin? Don’t worry, the solution is simple.