worker-planet
Some time ago I wrote about using “Cloudflare Workers”, first as a way of adding Content-Security-Policy headers to your pages (when you don’t have other easy ways of doing it) and after I even built...
View ArticleClik here to view.
Django Friday Tips: Custom Admin Pages
One of the great builtin features of Django is the admin app. It lets you, among other things, execute the usual CRUD operations on your data, search, filter and execute bulk actions on many records....
View ArticleTools I’m thankful for
In the spirit of thanksgiving, even though it isn’t a tradition here where live, and following the same path as some posts I’ve read today, here’s 5 software tools I’m thankful for. (Of course this is...
View ArticleClik here to view.
worker-planet was awarded a swag box
If you remember, back in June/July I worked on a small project to make it easy to build small community pages that aggregate content produced from many sources. As I shared in the post, worker-planet...
View ArticleDjango Friday Tips: Deal with login brute-force attacks
In the final tips post of the year, lets address a solution to a problem that most websites face once they have been online for a while. If you have a back-office or the concept of user accounts, soon...
View ArticleWho keeps an eye on clipboard access?
If there is any feature that “universally” describes the usage of computers, it is the copy/paste pattern. We are used to it, practically all the common graphical user interfaces have support for it,...
View ArticleClik here to view.
Django Friday Tips: Admin Docs
While the admin is a well known and very useful app for your projects, Django also includes another admin package that isn’t as popular (at least I never seen it being heavily used) but that can also...
View ArticleInlineshashes: a new tool to help you build your CSP
Content-Security-Policy (CSP) is an important mechanism in today’s web security arsenal. Is a way of defending against Cross-Site Scripting and other attacks. It isn’t hard to get started with or to...
View ArticleDjango Friday Tips: Less known builtin commands
Django management commands can be very helpful while developing your application or website, we are very used to runserver, makemigrations, migrate, shell and others. Third party packages often...
View ArticleControlling the access to the clipboard contents
In a previous blog post published earlier this year I explored some security considerations of the well known “clipboard” functionality that most operating systems provide. Long story short, in my...
View ArticleShutting Down Webhook-logger
A few years ago I built a small application to test Django’s websocket support through django-channels. It basically displayed on a web page in real time all the requests made to a given endpoint (you...
View ArticlePreparing for Hacktoberfest
It already starts tomorrow… the next edition of “Hacktoberfest”. For those who don’t know, it basically is an initiative that incentivizes participants to contribute to open-source software. During...
View ArticleSecure PostgreSQL connections on your Django project
Last week, an article was published with some interesting numbers about the security of PostgreSQL servers publicly exposed to the internet (You can find it here). But more than the numbers, what...
View ArticleClik here to view.
Cleaning my follow list using “jacanaoesta”
Last year we saw the rise of the Fediverse. Mostly because of a series of external events, that ended up pushing many people to try other alternatives to their centralized platform of choice. Mastodon...
View ArticleClik here to view.
New release of “inlinehashes”
Last year, I built a small tool to detect inline styles and scripts in a given webpage/document and then calculate their hashes. It can be useful for someone trying to write a strict...
View ArticleWhat to use for “TOTP” in 2023?
At the start of last week, we received great news regarding new improvements to a very popular security app, “Google Authenticator”. A feature it was lacking for a long time was finally implemented,...
View ArticleClik here to view.
Playing with maps
I’ve always been astonished about how well mapping apps work. Sure, when Google Maps was first released the sense of wonder was much greater than it is nowadays, nevertheless it is still impressive....
View ArticleNew release of worker-planet
Two years ago, I made a small tool on top of Cloudflare’s Workers to generate a single feed by taking input from multiple RSS sources, a kind of aggregator or planet software as it was usually known a...
View ArticleImproving your online privacy: An update
Ten years ago, after it became clear to almost everyone that all our online activity was being tracked and stored, I wrote a blog post about simple steps a person could take to improve their privacy...
View ArticleSo you need to upgrade Django
No matter how much you try to delay and how many reasons you find to postpone, eventually the time comes. You need to update and upgrade your software, your system components, your apps, your...
View ArticleYou can now follow this blog on the fediverse
The possibilities of the ActivityPub protocol, and what it can bring to the table regarding interoperability in the social media landscape, are immense. It is specially welcome after a decade (and...
View ArticleAn attempt at creating a DIY baby monitor
Occasionally, “modern” baby monitors hit the news, but not for the best reasons. Sometimes for the lack of security, other times for exploitative practices, etc. This also applies to many other...
View ArticleThe books I enjoyed the most in 2023
We reached the end of another year, and generally, this is a good time to look back, to evaluate what was done, what wasn’t done and eventually plan ahead. While dedicating some time to the first...
View ArticleMeet the InfoSec Planet
If you are a frequent reader of this blog, you might already know that I created a small tool to generate a simple webpage plus an RSS feed, from the content of multiple other RSS sources, called...
View ArticleClik here to view.
Take advantage of Django’s system checks
Today, let’s go back to the topic of the first post in this series of Django tips. At the time, I focused on the python manage.py check --deploy command. In this article, I will explore the feature on...
View ArticleClik here to view.
Filter sensitive contents from Django’s error reports
Reporting application errors to a (small) list of admins is a feature that already comes built in and ready to use in Django. You just need to configure the ADMINS setting and have the application...
View ArticleMy setup to keep up with podcasts
To be sincere, I have a strong preference for written content. There is something with audio and video (podcasts and streams) that doesn’t fit very well with me or how I consume content when I’m at...
View ArticleNew Nostr and Lightning Addresses
Bitcoin Atlantis is just around the corner. This conference, happening here in Madeira, is something unusual for us locals. The common pattern is that we have to fly to attend such conferences. I plan...
View ArticleSecurity.txt in the wild
A few years ago, I covered here in the blog the “security.txt spec”. A standard place with the security related contacts, designed to help researchers, and other people, find the right contacts to...
View ArticleLocal AI to the rescue
The last couple of years have been dominated by the advancements in the Artificial Intelligence (AI) field. Many of us witnessed and are currently experiencing some sort of renaissance of AI. It...
View Article
