In some cases you have to accept html from the user. How to make that html posting safe? It is easy to inject malicious code into your site that way.
There are a two steps:
The centrifuge. (I missed what this was for)
The rules. It uses regular expressions to check for common attacks and filters them out. A regex might be slow, so it is only run on suspected content.
You can browse the detected intrusions in the admin interface.
https://github.com/traff/dtcov is a little tool that is based on coverage.py that counts lines with executed tags in django templates. It is handy for measuring template coverage of functional tests. It helps find dead unused template code.
The usage is the same as coverage.py: just run it on the commandline.
Looks useful: you get a nice coverage.py-like output that shows which lines in your templates haven’t been executed yet.
Glue (http://gluecss.com) is a command line tool to create a sprite. So instead of a lot of .png files, you’ll only have one, which you then need to use with css.
You could do it by hand: lots of time.
You could do it via one of the online sites that does it for you. Drawback: it is hard to upgrade.
You can use glue to generate the sprite png and the necessary css for you. It also can create hover variants of all of the icons for you, very handy.
It also supports watching, it supports less, custom class names and much more.
There was lots of talk about databases yesterday. Whether to use a schemaless nosql database or not. You do want security and so.
You can do most of the schemaless stuff just fine with postgres: using hstore. See for instance this blog post or the official docs.
You can do lots in postgres:
Relational database: postgres
Document database: postgres plv-8
Key/value: hstore in postgres
My name is Reinout van Rees and I work a lot with Python (programming language) and Django (website framework). I live in The Netherlands and I'm happily married to Annie van Rees-Kooiman.
Most of my website content is in my weblog. You can keep up to date by subscribing to the automatic feeds (for instance with Google reader):