Garret Wassermann

icon indicating a website link gwasser.github.io

icon location Pittsburgh, PA icon location Cybersecurity Analysis & Software Application Security. Rust & Haskell enthusiast, Free Software advocate. Applied Mathematician. Previously: @CERTCC @cmu-sei

Results 175 comments of Garret Wassermann

Project Logo

I updated the project group avatar using the same image but if you'd like it to change let me know.

Helpdesk limits which files can be attached

An attempt at having some more secure defaults. Whenever allowing file uploads from the public, there is a risk of malicious files being uploaded for command injection, cross-site scripting attacks,...

Helpdesk limits which files can be attached

This page from OWASP describes potential security issues and ways to mitigate: https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload. It does recommend restricting both file names and file extensions to smallest known set needed, in order...

Question about bootstrap and form layout

Django allows you to include custom templates in your project that would override the defaults from django-helpdesk. You could copy the base-head.html file, edit it to include whatever version of...

Replace custom reporting/charts with generic Django library, ie django-chartit or django-report-tools

django-report-tools unfortunately seems abandoned (last update in 2014 supporting Django 1.6, yikes). django-chartit seems to rely on the Highchart library which is a free-as-in-free-beer license only for non-commercial use so...