Tech Kettle

2025 Update: Check a security note below! One way to use a Python variable in an external Javascript is to declare the JS variable in the HTML template through context object, then pass this variable to the external script code : <script type="text/javascript"> js_var_from_dj = "{{ django_var }}" </script> <script src="{% static "js/js_file.js" %}" type="text/javascript"></script>   js_file.js : function functionA(){ // using the variable declared outside this js file inner_js_var = js_var_from_dj ; }   What if  instead of using HTML template to pass the Django context variable, we inject the variable directly into the external Javascript code ?  This is actually possible, the trick here is to to wrap the original JS file in a View, and use that view to render the JS file as a Django template. O ur js_file become : function functionA(){    //using the Django context variable    inner_js_var = {{django_var}} ; ...

I was in charge of managing a dedicated server running Debian 7, the server hosts multiple websites with email service, the server hosts also multiple instances of a critical web application, for a client who is running a business across different regions. That day was a very important day, as the client was expecting his own client to turn up. The client wanted to make a demo on the application and show how they manage some business processes. During that event, I got a phone call claiming client users not able to access the web application, I took the request as usual and started checking the filed issue, few seconds later I got another call about other users not able to access their mailbox, it is then I realized that a very nasty thing is happening and I'm in serious trouble.     I quickly figured out that I have made the worst mistake ever !   That day I was performing usual maintenance tasks on the server, freeing some disk space here and there. However, at some mom...

There is a general misconception that biometrics are inherently more secure than password when used for remote authentication, this is because of the way, the industries are marketing fingerprinting and face recognition for authentication. Biometrics that target general public, like what is integrated on smartphones and other devices, are meant to provide user with convenience not improving security. After all, security is a one thing and convenience is another thing. That being said, with all the advances they get, biometric sensors are still not infallible, as you can check on the video that shows how it is possible to fool Face ID on IPHONE X with 3d printed mask.  While faking or cloning the biometric characteristics is not an easy task, a strong password remains the most reliable medium for remote authentication, this is because some of attack vectors that target biometric authentication systems, are conducted through visually obtainable information, whereas a...

These Javascript snippet are friendly-user hacks, that can be executed directly from the browser's address bar. The execution of these one-line scripts has affects only on the website's loaded document. Javascript scheme can be used in the address bar of the browser to run script on the loaded document The advantage with this approach; is that it uses vanilla Javascript and doesn't require any plugin on the browser or needs the developer console. You just need to copy/past the code into the address bar, after the prefix "Javascript:" typed beforehand. Important : Don't copy/past the code with the prefix "javascript:" at once, otherwise the browser will ignore the prefix when pasting in the address bar.  Show masked password saved in login form  :   It is not easy to remember the last time you typed your password in login form, specially if the browser has saved it for you. Just use this below snippet to have the chance to remem...

Thanks God, I finally got my PRINCE2 practitioner certification. If you have a good grasp of the major aspects surrounding project management, your journey for the certification exam will be less tricky. First off, I have two advises : - You really don't need to pay lot of money for the training. - Don't count on a single resource (that applies to any certification). If your are already searching for the best training, you realize that there are huge amount of online training videos. However, in my opinion, there are two online training that are worth the investment : Mplaza or Projex's Prince2 Masterclass. I liked the Mplaza PRINCE2 foundation training and the instructor has a smart approach to deliver the information, however the Practitioner training was not up to par with what I was expecting, the discussion approach wasn't the right option for me. The Projex's PRINCE2 Masterclass was the option I picked up. It prepares you fo...

Whether you are looking for a document management system or a development framework for your next business application, you might be considering some options from opensource solutions (well.. most of the time), however picking up the right choice that fits to your requirements doesn't necessarily make it a safe choice. Imagine a company is using a system (could be an ERP, CRM, DMS, ESB...) for a couple of years and that system relies on a framework or third party modules, that one day the provider announced that in the near future his framework will stop receiving maintenance updates, or that the next version will be released under different opensource license, that has more restrictions [ Opensource licenses in a competitive environment ]. What would be the stakeholder decision ?