
Research
/Security News
60 Malicious Ruby Gems Used in Targeted Credential Theft Campaign
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
django-simple-cookie-consent
Advanced tools
Django Simple Cookie Consent is a simple Django app to display a custom cookie message. Each visitor to the site will get a popup to say that the site uses cookies.
Detailed documentation is in the "docs" directory.
Add "django_simple_cookie_consent.apps.DjangoSimpleCookieConsentConfig" to your INSTALLED_APPS setting like this::
INSTALLED_APPS = [ ... #Django >= 1.7 'django_simple_cookie_consent.apps.DjangoSimpleCookieConsentConfig', #Django > 1.7 'django_simple_cookie_consent', ]
If using Django South place the following in your SOUTH_MIGRATION_MODULES like this::
SOUTH_MIGRATION_MODULES = { 'django_simple_cookie_consent': 'django_simple_cookie_consent.south_migrations.0001_initial.py', }
Add "{% load django_simple_cookie_consent_tags %}" to your base template then place "{% display_cookie_consent %}" somewhere in the head tag like this::
...other loads {% load django_simple_cookie_consent_tags %}
...other links/scripts {% display_cookie_consent %}Run python manage.py migrate
to create the CookieConsentSettings model.
Start the development server and visit http://127.0.0.1:8000/admin/ to create a settings instance (you'll need the Admin app enabled).
Visit http://127.0.0.1:8000/ to see the cookie message.
This package is using https://github.com/insites/cookieconsent but does not support all features at the current time (this may happen later on if the other features are needed).
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.
Research
/Security News
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.