This week, I’m back at my tremendously irregular Django tips series, where I share small pieces of code and approaches to common themes that developers face when working on their web applications. The topic of today’s post is how to implement a counter that isn’t vulnerable to race conditions. Counting is everywhere, when handling money, […]
Tag: Django
Reporting application errors to a (small) list of admins is a feature that already comes built in and ready to use in Django. You just need to configure the ADMINS setting and have the application ready to send emails. All application errors (status 500 and above) will trigger a new message containing all the details, […]
Take advantage of Django’s system checks
Today, let’s go back to the topic of the first post in this series of Django tips. At the time, I focused on the python manage.py check –deploy command. In this article, I will explore the feature on which it is built and how it can be quite handy for many other scenarios. So, the […]
No matter how much you try to delay and how many reasons you find to postpone, eventually the time comes. You need to update and upgrade your software, your system components, your apps, your dependencies, etc. This happens to all computer users. On some systems, this is an enjoyable experience, on other systems as painful […]
Last week, an article was published with some interesting numbers about the security of PostgreSQL servers publicly exposed to the internet (You can find it here). But more than the numbers, what really caught my attention was the fact that most clients and libraries used to access and interact with the databases have insecure defaults: […]
A few years ago I built a small application to test Django’s websocket support through django-channels. It basically displayed on a web page in real time all the requests made to a given endpoint (you could generate multiple of them) without storing anything. It was fun and it was very useful to quickly debug stuff […]
In a previous blog post published earlier this year I explored some security considerations of the well known “clipboard” functionality that most operating systems provide. Long story short, in my opinion there is a lot more that could be done to protect the users (and their sensitive data) from many attacks that use of clipboard […]
Django management commands can be very helpful while developing your application or website, we are very used to runserver, makemigrations, migrate, shell and others. Third party packages often provide extra commands and you can easily add new commands to your own apps. Today lets take a look at some less known and yet very useful […]
Content-Security-Policy (CSP) is an important mechanism in today’s web security arsenal. Is a way of defending against Cross-Site Scripting and other attacks. It isn’t hard to get started with or to put in place in order to secure your website or web application (I did that exercise in a previous post). However when the systems […]
Django Friday Tips: Admin Docs
While the admin is a well known and very useful app for your projects, Django also includes another admin package that isn’t as popular (at least I never seen it being heavily used) but that can also be quite handy. I’m talking about the admindocs app. What it does is to provide documentation for the […]