Hi
user
Admin Login:
Username:
Password:
Name:
A practical guide to web security
--client
kiwipycon
--show
kiwipycon2015
--room Track_2 10279 --force
Next: 1 Python in Classrooms
show more...
Marks
Author(s):
Jeremy Stott
Location
Track 2
Date
sep Sat 05
Days Raw Files
Start
11:25
First Raw Start
error-in-template
Duration
00:30:00
Offset
None
End
11:55
Last Raw End
Chapters
Total cuts_time
None min.
https://kiwi.pycon.org/schedule/presentation/77/
raw-playlist
raw-mp4-playlist
encoded-files-playlist
mp4
svg
png
assets
release.pdf
A_practical_guide_to_web_security.json
logs
Admin:
episode
episode list
cut list
raw files day
marks day
marks day
image_files
State:
---------
borked
edit
encode
push to queue
post
richard
review 1
email
review 2
make public
tweet
to-miror
conf
done
Locked:
clear this to unlock
Locked by:
user/process that locked.
Start:
initially scheduled time from master, adjusted to match reality
Duration:
length in hh:mm:ss
Name:
Video Title (shows in video search results)
Emails:
email(s) of the presenter(s)
Released:
has someone authorised pubication
Unknown
Yes
No
Normalise:
Channelcopy:
m=mono, 01=copy left to right, 10=right to left, 00=ignore.
Thumbnail:
filename.png
Description:
markdown
This presentation is an introduction to securing your Python web application. I am definitely not a security expert, just a developer who thinks security should be everyone's job. That's right. It's your responsibility too. Hopefully I can soften the blow by giving you a beginner's guide to security. That's me, the beginner. We will pick apart an example Python web application to demonstrate good security practices, along with examples and explanations of why they are important. I'll cover a few different web security topics: * Not trusting any input from your users * Authentication and session management * Using HTTPS effectively * Things not to do in client land * Obvious mistakes * Not so obvious mistakes If you have written a web application and not thought twice about security, this talk is for you. If you can name the OWASP Top 10, then you can come along anyway and ask me a really tricky question at the end.
Comment:
production notes
Rf filename:
root is .../show/dv/location/, example: 2013-03-13/13:13:30.dv
Sequence:
get this:
check and save to add this
Veyepar
Video Eyeball Processor and Review