Re: CSRF token still needed today?

2020-04-20 Thread David Merrick 
if you want cross site forgery requests get rid off it

On Mon, Apr 20, 2020 at 10:45 PM Andréas Kühne 
wrote:

> Why is it a problem to have? You add one specific command on all forms -
> or you disable it in the view
>
> What do you want to accomplish by removing it?
>
> Regards,
>
> Andréas
>
>
> Den sön 19 apr. 2020 kl 22:12 skrev guettli <
> guettli.goo...@thomas-guettler.de>:
>
>> iI look at this page: https://docs.djangoproject.com/en/3.0/ref/csrf/
>> ... and then I look at this page: https://scotthelme.co.uk/csrf-is-dead/
>>
>> Is a CSRF token still needed today?
>>
>> All my users use a modern browser.
>>
>> It would be very nice if I could get rid of the CSRF token.
>>
>> Is there a safe way to avoid CSRF tokens in  my Django project?
>>
>> Regards,
>>   Thomas
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/487c7392-e874-4a1e-a1ff-488ab933ae42%40googlegroups.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAK4qSCeO0bkxsGYFc7t-V7%2BZnr965gYAG0oALB0ELtoJjojedg%40mail.gmail.com
> 
> .
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKa3X4o%3DEVkXvEpBaaCsVc8XKV7k-hDi9DXXEDJ%3Dxei44g%40mail.gmail.com.

Re: CSRF token still needed today?

2020-04-21 Thread David Merrick 
Hi if you have an url with stuff?Stuff=Stuff the URL can be changed.
See the link below.
https://portswigger.net/web-security/csrf

On Wed, Apr 22, 2020 at 6:16 AM guettli 
wrote:

> Hi David, could you please explain how cross site forgery requests can
> happen
> with the current default for cookies (SameSite=Lax)?
>
> Am Montag, 20. April 2020 14:43:10 UTC+2 schrieb David Merrick:
>>
>> if you want cross site forgery requests get rid off it
>>
>> On Mon, Apr 20, 2020 at 10:45 PM Andréas Kühne 
>> wrote:
>>
>>> Why is it a problem to have? You add one specific command on all forms -
>>> or you disable it in the view
>>>
>>> What do you want to accomplish by removing it?
>>>
>>> Regards,
>>>
>>> Andréas
>>>
>>>
>>> Den sön 19 apr. 2020 kl 22:12 skrev guettli <
>>> guettl...@thomas-guettler.de>:
>>>
>>>> iI look at this page: https://docs.djangoproject.com/en/3.0/ref/csrf/
>>>> ... and then I look at this page:
>>>> https://scotthelme.co.uk/csrf-is-dead/
>>>>
>>>> Is a CSRF token still needed today?
>>>>
>>>> All my users use a modern browser.
>>>>
>>>> It would be very nice if I could get rid of the CSRF token.
>>>>
>>>> Is there a safe way to avoid CSRF tokens in  my Django project?
>>>>
>>>> Regards,
>>>>   Thomas
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Django users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to django...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/django-users/487c7392-e874-4a1e-a1ff-488ab933ae42%40googlegroups.com
>>>> <https://groups.google.com/d/msgid/django-users/487c7392-e874-4a1e-a1ff-488ab933ae42%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to django...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/django-users/CAK4qSCeO0bkxsGYFc7t-V7%2BZnr965gYAG0oALB0ELtoJjojedg%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/django-users/CAK4qSCeO0bkxsGYFc7t-V7%2BZnr965gYAG0oALB0ELtoJjojedg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>
>>
>> --
>> Dave Merrick
>>
>> TutorInvercargill
>>
>> http://tutorinvercargill.co.nz
>>
>> Daves Web Designs
>>
>> Website http://www.daveswebdesigns.co.nz
>>
>> Email merri...@gmail.com
>>
>> Ph   03 216 2053
>>
>> Cell 027 3089 169
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/c33f7b81-2e74-480c-b1fe-acd5f28468ac%40googlegroups.com
> <https://groups.google.com/d/msgid/django-users/c33f7b81-2e74-480c-b1fe-acd5f28468ac%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKa4bcep3kd1TUf54RdXepgQvNuXAkYGsUHOCi%3DBAPC0Gw%40mail.gmail.com.

Re: Django Lessons

2020-05-07 Thread David Merrick 
Sounds like a very good idea.
I have one immediate question. What web servers can host Django and what
Domain Names / types?
I was using Rails for a bit but got unstuck when Rails need Dynamic Domain
Names, not Static ones.

Cheers Dave

On Fri, May 8, 2020 at 6:11 PM Eugen Ciur  wrote:

> Hi,
>
> on https://django-lessons.com I release weekly screencasts about Django
> Web Framework. Lessons are usually very short, around 10 minutes.
> Each of them focuses on a single practical topic so that you can
> immediately apply learned skills in your projects.
> 50% of all content always will be free.
>
> I would love your feedback!
>
> Regards,
> Eugen / Django Lessons
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/784e88d9-9a3d-45ea-b43d-6d22b54469b2%40googlegroups.com
> 
> .
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKZnGhvB8U3VtmakNBRdEjNdORbP16h6Ux2JmD3WaF0jCg%40mail.gmail.com.

Re: Django Lessons

2020-05-08 Thread David Merrick 
Same Domain Name Servers can only handle
static DNS server
https://ticket.cdmon.com/en/support/solutions/articles/706124-what-is-a-static-dns-server-and-where-to-modify-dns-records

Some can Domain Name Servers can only handle
https://en.wikipedia.org/wiki/Dynamic_DNS

So do  Apache (mod_wsgi), Gunicorn, and uWSGI  use Static or Dynamic Domain
Name Servers?




On Fri, May 8, 2020 at 6:49 PM Eugen Ciur  wrote:

> For first part of the question: Apache (mod_wsgi), Gunicorn, and uWSGI are
> most popular choices
> I don't second part of question though - what you mean with "and what
> domain names / types" ?
>
> On Friday, May 8, 2020 at 8:33:43 AM UTC+2, David Merrick wrote:
>>
>> Sounds like a very good idea.
>> I have one immediate question. What web servers can host Django and what
>> Domain Names / types?
>> I was using Rails for a bit but got unstuck when Rails need Dynamic
>> Domain Names, not Static ones.
>>
>> Cheers Dave
>>
>> On Fri, May 8, 2020 at 6:11 PM Eugen Ciur  wrote:
>>
>>> Hi,
>>>
>>> on https://django-lessons.com I release weekly screencasts about Django
>>> Web Framework. Lessons are usually very short, around 10 minutes.
>>> Each of them focuses on a single practical topic so that you can
>>> immediately apply learned skills in your projects.
>>> 50% of all content always will be free.
>>>
>>> I would love your feedback!
>>>
>>> Regards,
>>> Eugen / Django Lessons
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to django...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/django-users/784e88d9-9a3d-45ea-b43d-6d22b54469b2%40googlegroups.com
>>> <https://groups.google.com/d/msgid/django-users/784e88d9-9a3d-45ea-b43d-6d22b54469b2%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>
>>
>> --
>> Dave Merrick
>>
>> TutorInvercargill
>>
>> http://tutorinvercargill.co.nz
>>
>> Daves Web Designs
>>
>> Website http://www.daveswebdesigns.co.nz
>>
>> Email merri...@gmail.com
>>
>> Ph   03 216 2053
>>
>> Cell 027 3089 169
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/360c1be4-e868-42b1-a22a-a0246a3b2791%40googlegroups.com
> <https://groups.google.com/d/msgid/django-users/360c1be4-e868-42b1-a22a-a0246a3b2791%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKZfH4L4Eg5k1M_40x9oS_rZ8iYfuC_2TfWOFV3%2By9Tivg%40mail.gmail.com.

Re: Django Lessons

2020-05-08 Thread David Merrick 
I am asking  about web hosting and appropriate Domain Name Servers

On Fri, May 8, 2020 at 9:18 PM David Merrick  wrote:

> Same Domain Name Servers can only handle
> static DNS server
> https://ticket.cdmon.com/en/support/solutions/articles/706124-what-is-a-static-dns-server-and-where-to-modify-dns-records
>
> Some can Domain Name Servers can only handle
> https://en.wikipedia.org/wiki/Dynamic_DNS
>
> So do  Apache (mod_wsgi), Gunicorn, and uWSGI  use Static or Dynamic
> Domain Name Servers?
>
>
>
>
> On Fri, May 8, 2020 at 6:49 PM Eugen Ciur  wrote:
>
>> For first part of the question: Apache (mod_wsgi), Gunicorn, and uWSGI
>> are most popular choices
>> I don't second part of question though - what you mean with "and what
>> domain names / types" ?
>>
>> On Friday, May 8, 2020 at 8:33:43 AM UTC+2, David Merrick wrote:
>>>
>>> Sounds like a very good idea.
>>> I have one immediate question. What web servers can host Django and what
>>> Domain Names / types?
>>> I was using Rails for a bit but got unstuck when Rails need Dynamic
>>> Domain Names, not Static ones.
>>>
>>> Cheers Dave
>>>
>>> On Fri, May 8, 2020 at 6:11 PM Eugen Ciur  wrote:
>>>
>>>> Hi,
>>>>
>>>> on https://django-lessons.com I release weekly screencasts about
>>>> Django Web Framework. Lessons are usually very short, around 10 minutes.
>>>> Each of them focuses on a single practical topic so that you can
>>>> immediately apply learned skills in your projects.
>>>> 50% of all content always will be free.
>>>>
>>>> I would love your feedback!
>>>>
>>>> Regards,
>>>> Eugen / Django Lessons
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Django users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to django...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/django-users/784e88d9-9a3d-45ea-b43d-6d22b54469b2%40googlegroups.com
>>>> <https://groups.google.com/d/msgid/django-users/784e88d9-9a3d-45ea-b43d-6d22b54469b2%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>>
>>>
>>> --
>>> Dave Merrick
>>>
>>> TutorInvercargill
>>>
>>> http://tutorinvercargill.co.nz
>>>
>>> Daves Web Designs
>>>
>>> Website http://www.daveswebdesigns.co.nz
>>>
>>> Email merri...@gmail.com
>>>
>>> Ph   03 216 2053
>>>
>>> Cell 027 3089 169
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/360c1be4-e868-42b1-a22a-a0246a3b2791%40googlegroups.com
>> <https://groups.google.com/d/msgid/django-users/360c1be4-e868-42b1-a22a-a0246a3b2791%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
>
> --
> Dave Merrick
>
> TutorInvercargill
>
> http://tutorinvercargill.co.nz
>
> Daves Web Designs
>
> Website http://www.daveswebdesigns.co.nz
>
> Email merrick...@gmail.com
>
> Ph   03 216 2053
>
> Cell 027 3089 169
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKZfnhJuG4wytiEzMuPp%3D5UN4FjMreafwBRUmv1qUVw8Og%40mail.gmail.com.

Domain Names and Web Servers

2020-05-08 Thread David Merrick 
Hi, I am interested in what web servers can be used for Django Web Apps and 
whether the Domain Name Servers are Static or Dynamic. Static Domain Name 
Servers (DNS) the IP Address doesn't change and Dynamic (DNS) IP Address 
does change.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/0453cae2-7f58-4459-b03f-aa84969bd422%40googlegroups.com.

Re: Domain Names and Web Servers

2020-05-08 Thread David Merrick 
Ok to rephrase the Question whats a typical set up for Django Web for say
Website
Web Servers and Domain Name Servers.

For example for Rails I could use Heroku fro the Hosting
https://www.heroku.com/
For the Domain Name Server I could use Domains4less
https://www.domains4less.co.nz/
but Domain4less can't use Dynamic IP address so the two are related sorry.

On Sat, May 9, 2020 at 10:14 AM Kasper Laudrup 
wrote:

> Hi David,
>
> On 08/05/2020 23.18, David Merrick wrote:
> > Hi, I am interested in what web servers can be used for Django Web Apps
> > and whether the Domain Name Servers are Static or Dynamic. Static Domain
> > Name Servers (DNS) the IP Address doesn't change and Dynamic (DNS) IP
> > Address does change.
> >
>
> That is really two completely unrelated questions.
>
> For deployment you can use quite a few different web servers, but it
> really depends on your requirements:
>
> https://docs.djangoproject.com/en/3.0/howto/deployment/
>
> Django doesn't know anything about domain servers, that's not really
> related at all.
>
> To be a bit pedantic, there really isn't any difference between a
> dynamic and a static DNS server. DNS just resolves host names to IP
> addresses (and more, but that's not relevant). Some DNS records just
> have a low TTL meaning that the information provided changes more often
> making them more "dynamic".
>
> How you decide to handle that also depends on your requirements and most
> likely how you decide to host your Django application.
>
> Hope that helps.
>
> Kind regards,
>
> Kaspr Laudrup
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Django users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/django-users/2Tx8UU5K-n0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/c94d816f-b88b-feab-0a61-cd08718bc70f%40stacktrace.dk
> .
>


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website http://www.daveswebdesigns.co.nz

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKZm7hSGRE_Wa7%2BDhJM%3D9LBdixuXL6qmUWamaf-9OXTm2A%40mail.gmail.com.

Select Boxes and Database

2023-12-02 Thread David Merrick 
Hi. I can put an item from the database into a select box ie Countries of
the World. What I want to know is saying, having chosen New Zealand from
the select box, how do I display all the cities of New Zealand in another
select box.

The database has two tables. First one is Countries. The second table is
cities with populations and the foreign key of Countries table.

Then having chosen Auckland a city in New Zealand I want to display

Country
City
Population

In a template.

I have done this in Php, Javascript and Mysql already.

Cheers Dave


-- 
Dave Merrick

TutorInvercargill

http://tutorinvercargill.co.nz

Daves Web Designs

Website https://tutorinvercargill.co.nz/daveswebdesigns/public_html/

Email merrick...@gmail.com

Ph   03 216 2053

Cell 027 3089 169

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2B%3DMcKYDfzhvQ8ueCKKccYX3gcQUmfoX9NXipqf%3DDipsXPzG7g%40mail.gmail.com.