Re: GSOC Proposal: 2FA

2020-03-31 Thread Rohit Jha
at 11:10:27 PM UTC+6, Rohit Jha wrote: >> >> Hi, >> >> Here is my proposal for GSoCon 2FA >> >> >> https://docs.google.com/document/d/1f-9hOYHZ9rzLH7UEzdPmVi1n4jQJ92gDwYpqef1ZYMk/edit?usp=sharing >> >> Feedback and criticism is highly app

GSOC Proposal: 2FA

2020-03-26 Thread Rohit Jha
Hi, Here is my proposal for GSoCon 2FA https://docs.google.com/document/d/1f-9hOYHZ9rzLH7UEzdPmVi1n4jQJ92gDwYpqef1ZYMk/edit?usp=sharing Feedback and criticism is highly appreciated. Thanks & Regards -- You received this message because you are subscribed to the Google Groups "Django

Re: GSOC Proposal : CrossDB JSON Field

2019-04-17 Thread Rohit Jha
Adam Johnson wrote: > >> Hi Rohit! >> >> It seems your email thread has been missed by the list, I don't know why, >> perhaps it hit some spam filters. There's also another thread from a >> student proposing the same projectt: >> >> >> https://gro

GSOC Proposal : CrossDB JSON Field

2019-04-04 Thread Rohit Jha
Hi I am Rohit Jha, I am a sophomore at IIT Roorkee. I am planning to participate in GSOC. My draft Proposal can be found here : https://docs.google.com/document/d/1jSEir_wuYlBqvQTmWJUF3mpquuIH4ElZG1hFBeMl1HI/edit?usp=sharing Feedback is much appreciated Thanks -- You received this message

Regarding 3D model in Django

2013-07-09 Thread Rohit kumar
I want to create a interactive 3D model in my Django app. Few of the pages will render 3D model which should be interactive and could be changed based on the inputs. I have obj file right now. How to do this. -- You received this message because you are subscribed to the Google Groups

Re: Improved ajax support idea

2012-11-23 Thread rohit jangid
I really liked the idea of more advanced inbuilt support for ajax in django . I use django for my work and more than 80% of our time we use ajax. would really like to participate and work on it . thanks On 22-Nov-2012, at 4:09 PM, James Pic wrote: > Hi all, > > More projects use AJAX

Feature Request: Support for abstract models in ModelForm

2012-11-13 Thread Rohit Banga
(unique key in abstract model) https://github.com/iamrohitbanga/django_ticket_19271/tree/code_not_working Is it possible to support this feature in a future release? Thanks Rohit -- You received this message because you are subscribed to the Google Groups "Django developers" grou

Re: HBase backend support

2011-03-30 Thread Rohit Upadhyaya
On Wed, Mar 30, 2011 at 6:40 PM, Russell Keith-Magee < russ...@keith-magee.com> wrote: > On Wed, Mar 30, 2011 at 7:58 PM, Rohit <rohitj...@gmail.com> wrote: > > Hi, > > I plan to implement HBase backend support for Django as part of > > GSoC 2011. Before

Re: HBase backend support

2011-03-30 Thread Rohit
Hi, I plan to implement HBase backend support for Django as part of GSoC 2011. Before I flesh out the idea in detail, I would like to know if this is useful enough to Django, whether there are alternatives to using HBase in the first place. -- You received this message because you are

Re: Wrong error message when user having is_staff=False tries to login to admin

2011-03-14 Thread Rohit Sethi
To re-iterate, you would get this message iff you have the correct credentials for an end user who is not an admin user. You seem to be referring to Response Information Discrepancy Information Exposure (http://cwe.mitre.org/data/definitions/204.html) which is generally about differentiating

Re: Ticket 14261 - add basic clickjacking protection to Django

2011-03-13 Thread Rohit Sethi
I personally like the idea of a decorator On Mar 13, 12:30 pm, Ryan N wrote: > I personally do not believe XFrameOptionsMiddleware should be on by > default. There are plenty of folks using Django for simple static > sites or RESTful APIs where clickjacking doesn't

Re: Ticket 14261 - add basic clickjacking protection to Django

2011-03-13 Thread Rohit Sethi
This is awesome - very progressive and I hope other frameworks follow suite. Have you done a poll of users to see how many would be affected by a "SAMEORIGIN" setting? Maybe that would be a good place to start. Is there some other way to test the overall impact of this prior to committing to it

Re: Wrong error message when user having is_staff=False tries to login to admin

2011-03-13 Thread Rohit Sethi
To summarize - if I understand correctly the only way a more specific error message can result in a problem is the following scenario: 1) An attacker correctly guesses credentials for a user on the admin site 2) The attacker does not try to authenticate with the same credentials on the regular

Re: Brute force attacks

2011-03-08 Thread Rohit Sethi
that brute-force prevention doesn't come out of the box. Does that sound fair? On Mar 8, 4:10 am, Michael Radziej <m...@spieleck.de> wrote: > On Mon, 7 Mar 2011 18:11:19 -0800 (PST), Rohit Sethi <rkli...@gmail.com> > wrote: > > Luke, I guess the real question is what's the risk of

Re: Brute force attacks

2011-03-07 Thread Rohit Sethi
here are wrong. On Mar 7, 6:48 pm, Luke Plant <l.plant...@cantab.net> wrote: > On 04/03/11 21:56, Rohit Sethi wrote: > > > Hi all, I wanted to revisit a key security discussion. Brute force > > attacks are the 7th most prevalent attack by number of incidents in >

Re: Brute force attacks

2011-03-06 Thread Rohit Sethi
Ok, we'll go ahead with researching this. Expect to hear back from us within the next 2-3 weeks (if not this upcoming week) Thanks, Rohit On Mar 5, 8:40 am, Rohit Sethi <rkli...@gmail.com> wrote: > Hi Russell, here are my thoughts on your points: > > 1. I do believe there shou

Re: Brute force attacks

2011-03-05 Thread Rohit Sethi
wrote: > On Sat, Mar 5, 2011 at 5:56 AM, Rohit Sethi <rkli...@gmail.com> wrote: > > Hi all, I wanted to revisit a key security discussion. Brute force > > attacks are the 7th most prevalent attack by number of incidents in > > the Web Hacking Incidents Database (http://p

Brute force attacks

2011-03-04 Thread Rohit Sethi
Hi all, I wanted to revisit a key security discussion. Brute force attacks are the 7th most prevalent attack by number of incidents in the Web Hacking Incidents Database (http://projects.webappsec.org/w/ page/13246995/Web-Hacking-Incident-Database), which tracks publicly disclosed breaches in web

Re: Your thoughts on the Secure Web Application Framework Manifesto

2011-02-28 Thread Rohit Sethi
Hi Jacob, just as an FYI I messaged you last week about this off list - my email was from my first name @securitycompass.com. Just wanted to make sure you got it Thanks, Rohit On Feb 24, 6:55 am, Jacob Kaplan-Moss <ja...@jacobian.org> wrote: > Hi Rohit -- > > I had a skim of th

Re: Your thoughts on the Secure Web Application Framework Manifesto

2011-02-22 Thread Rohit Sethi
of it are way too complex to implement as part of a core framework, and which ones are viable. Once we revise the list we'll look at ways to better present the data rather than a huge single doc. Thanks! Rohit On Feb 21, 11:31 pm, Gabriel Hurley <gab...@gmail.com> wrote: > I've go

Re: Your thoughts on the Secure Web Application Framework Manifesto

2011-02-21 Thread Rohit Sethi
orld - nor should it be. So, we (myself and at least four of our developers) will be working closely with the Django community. I will be watching the list closely and providing feedback when I can. Looking forward to working with you Cheers, Rohit On Feb 21, 7:42 pm, Russell Keith-Magee <

Re: Your thoughts on the Secure Web Application Framework Manifesto

2011-02-21 Thread Rohit Sethi
One more point - if any of you have questions for somebody who leaves and breathes web application security every day, please feel free to fire them off to me: rohit at securitycompass.com On Feb 21, 10:21 am, Rohit Sethi <rkli...@gmail.com> wrote: > Django devs, I wanted to

Your thoughts on the Secure Web Application Framework Manifesto

2011-02-21 Thread Rohit Sethi
. Thanks in advance, Rohit Sethi @rksethi -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developer