django – Page 2 – WindowsTechs.com

How Can I customise Google Auth Error Message ("Couldn’t find your Google Account" or "Enter a valid email or phone number") [closed]

Posted on August 24, 2022 by satish rajput

I don’t want to show Couldn’t find your Google Account or Enter a valid email or phone number. I want to show my own message like Login Failed or something else. Can you please let me know how can I do this.
For more information my applica… Continue reading How Can I customise Google Auth Error Message ("Couldn’t find your Google Account" or "Enter a valid email or phone number") [closed]→

Why famouse frameworks like django (And probably Rails) use both synchronizer pattern and Origin/Referer header checks for preventing CSRF attacks?

Posted on July 10, 2022 by user14096467

I see in the source code of Django that they do use both synchronizer token pattern and Origin/Referer header checks. I understand that if you are using the double-submit technique via cookie the following attack will work and you need to … Continue reading Why famouse frameworks like django (And probably Rails) use both synchronizer pattern and Origin/Referer header checks for preventing CSRF attacks?→

How to access CSRF token in fronted when API is on different domain?

Posted on June 3, 2022 by atskdev

I am building a website with a separate Javascript frontend and a Django backend. My backend uses CSRF protection.
Now the problem is that the CSRF token is being set on the client side as a cookie on the backend’s domain, e.g. api.example… Continue reading How to access CSRF token in fronted when API is on different domain?→

Image uploading in a web-application

Posted on May 15, 2022 by salazar324

We are developing an MVC web-application in Django and having concerns about image uploading. We’ve done some research on this topic and came up with a setup we want to share here for advices and critique.
First of all, here are our busine… Continue reading Image uploading in a web-application→

Which is more secure and better practice? Setting up a reverse proxy on backend with localhost or on a separate VM and route to other VMs/services?

Posted on May 11, 2022 by CapacityVirus

I wanna know if it’s better in terms of security, availability and best practice to set up a nginx reverse proxy on my backend and use it with localhost or to set up a VM that handles everything for me.
I assume that using a separate VM wi… Continue reading Which is more secure and better practice? Setting up a reverse proxy on backend with localhost or on a separate VM and route to other VMs/services?→

Should email password be encrypted in a django app when using TLS?

Posted on September 23, 2021 by Hector Ordonez

I have seen multiple videos/tutorials regarding how to setup the email system in Django.
It seems that they all assume as long as the password is stored in an environmental variable, no encryption is required.
Is that so? Shouldn’t passwor… Continue reading Should email password be encrypted in a django app when using TLS?→

Do I need to authenticate a user on WhatsApp when using twilio?

Posted on September 15, 2021 by chaulap

We are building an online shop using django. We have developed an API for our application to interact with Twilio. This is so users can buy products on WhatsApp from our application. I want to know what could go wrong with this setup.
When… Continue reading Do I need to authenticate a user on WhatsApp when using twilio?→

Django File Validation

Posted on September 7, 2021 by RedWheelbarrow

I’ m building a REST API with Django and Django Rest Framework. I allow users to upload images and videos using different subclasses of ModelSerializer. When a file is received, the server saves it to a temporary file on the disk (with Dja… Continue reading Django File Validation→

Is there any reason to block HEAD requests?

Posted on July 2, 2021 by heds1

Apologies if this isn’t the right place to ask this. I occasionally get alerts from my Django website along these lines:

Internal Server Error: /posts/specific-post/

UnboundLocalError at /posts/specific-post/
local variable ‘comment_for… Continue reading Is there any reason to block HEAD requests?→

Concerning GET request in logs

Posted on May 11, 2021 by MattG

I have a Django application running on a Digital Ocean Ubuntu server. I am using NGINX and Daphne to serve the application because I am using Django Channels.
My websockets keep crashing, and I noticed in the logs when the crash occurs, th… Continue reading Concerning GET request in logs→