Dan Poirier wrote an article on the Caktus Group blog about common web
site security vulnerabilities. In it he talked about the CSRF
protection in Django. Although he is right about a CSRF token having
to be part of the POST request, this is not the entire story.

There are several technologies (in the Python world) to have isolated
environments for projects. In this post I will describe how we use
Virtualenv, Buildout and Docker for a project I’m working on at
Fox-IT.

To introduce a coworker to our project and Django in general, I
suggested that he try PyCharm, a Python IDE. One of the
(many) nice things about PyCharm is that you can easily jump to the place
where something is declared, which is ideal for exploring a project.

Django offers useful classes to easily send email. It is also easy to
add attachments to emails. I did have to puzzle a bit to get
embedded images working. This article describes the way I do it
now. I will first describe the most important elements and then I will
show a more complete example.

Since April 2012 we are using Whiskers
to store information about our Plone and Django buildouts. But when I
moved the setup behind SSL, the browser started to complain about
unsafe content.

Several Pythonistas switched to a static blog this year. If you are
also looking into static blog engines, give Acrylamid a go.

As of today I am using Disqus for comments on this site. This meant
that I had to migrate the old comments (which used
django.contrib.comments) to Disqus. Here’s a short description of how
I did this.

Last year I participated in a deployment knowledge sharing session
and I started implementing changes at my company pretty soon
after. The result is that we are using
Puppet for some parts of our server
configuration. We also added Munin to
our monitoring toolset (and I used Puppet to deploy Munin and manage
its configuration). But an important piece that was still missing in
our setup was an overview of which packages we use in the buildouts of
our clients and more specifically which version each client uses.

Are you using a jQuery plugin, for instance jQuery UI,
to spice up the Django admin site? Then you might get either an error like
“foo is not a function” (Firebug) or “Object ... has no method foo”
(Chrome Developer Tools).
Are you confused because foo should be defined in the plugin? Don’t worry, the
solution is simple.

A lightning talk by Thijs Jonkman at the Dutch Plone User Day once again brought
Compass to my attention. I’ve read about
it on other occasions, but I never actually tried it. But Thijs really
made me want to try it for myself.

On June 16th Jan-Jaap Driessen from The Health Agency (THA) organised a meeting
to share knowledge about using Puppet, zc.buildout, release management and how
those are related. For the most part, Jan-Jaap showed us his setup. My
impression in one word: wow! They are running a tight ship at THA!

A tale of how I learned about PostgreSQL sequence generators the hard
way.

One of the things that was still on my wish list for this site was a
proper search. In two articles I will explain how I’ve done this. The
previous article described why I picked Djapian. This
article focusses on some of the technical aspects of my setup.

One of the things that was still on my wish list for this site was a
proper search. In two articles I will explain how I’ve done this. The
next article will describe the way I have currently set things up. This article
will primarily focus on the journey I made to come to my choice
(Djapian).

Initially I was a bit sceptical about
Fabric. After all, I’m already using
buildout to manage projects. “How much
better can it get?” After watching the video of the
Django Deployment Workshop (held by
Jacob Kaplan-Moss at PyCon 2010 Atlanta), I finally decided to see for
myself what Fabric is all about.

Google’s Webmaster Tools provide the modern webmaster/developer with some nice
tools to improve a website and the way the site is indexed. In this article I’ll
focus on the crawler related tools. Specifically, how they helped me when I
migrated from Plone to Django.

After this website migrated from Plone to Django, the comment spammers
found my site more interesting. Instead of five spam comments a year,
I suddenly got the same amount per week. Although those comments were
never published (more on that later), it did annoy me. By no longer
displaying the comment form below the blog entries, the problem of the
spam seems to be solved. While this wasn’t my goal, it is a nice
side effect.

When migrating from Plone to Django, I had problems with editing
weblog entries with a dot in the url. Apparently Django doesn’t allow
dots in a SlugField. Here’s how I solved it.

In April Packt published Django 1.1 Testing and Debugging
by Karen M. Tracey. After reading it I figured I might as well write a
review.

After a comment by
Matt Hamilton on Twitter about the lines of code in my website project
I listed in my previous weblog entry, I
decided to dive in a bit deeper.

This site is now powered by Django instead of Plone. Yes, I’ve finally
made the switch!

I frequently have to send emails from web applications. But before I
deploy to a production environment, I want to make sure the mechanism
works and the right mails are constructed. Here are two ways to do that.