Tech Kettle

  Threat and vulnerability are two tightly coupled aspects . There is no point to focus on a vulnerability if the threat doesn’t exist, similarly you can’t stress on a threat, if your asset is not concerned with the vulnerability (or weakness).   The question one should ask is “What are the risks to my asset ?” , and to answer this we need to run a whole Business Impact Analysis (BIA), which involves qualitative and quantitative risk assessment. As a general equation:  Risk = Vulnerability x Threat On the basis of the above equation, we can conclude that if an asset has a Vulnerability and that Vulnerability is exposed to a known Threat, then the asset is at Risk.  Now that the two elements exist you need to tackle just one of the two not both, to eliminate the risk. originally posted here

2025 Update: Check a security note below! One way to use a Python variable in an external Javascript is to declare the JS variable in the HTML template through context object, then pass this variable to the external script code : <script type="text/javascript"> js_var_from_dj = "{{ django_var }}" </script> <script src="{% static "js/js_file.js" %}" type="text/javascript"></script>   js_file.js : function functionA(){ // using the variable declared outside this js file inner_js_var = js_var_from_dj ; }   What if  instead of using HTML template to pass the Django context variable, we inject the variable directly into the external Javascript code ?  This is actually possible, the trick here is to to wrap the original JS file in a View, and use that view to render the JS file as a Django template. O ur js_file become : function functionA(){    //using the Django context variable    inner_js_var = {{django_var}} ; ...