Spammers apparently love Trac. After trying to fighting spam tickets and later installing the SpamFilter plugin, I’ve managed to control spam tickets in the Open Yahtzee Trac site.. But now spammers started spamming in the ticket comments. The bad news is that Trac (at least in version 0.11) doesn’t have built-in facilities to completely remove ticket comments.
Category: Tips
Python’s base64 Module Fails to Decode Unicode Strings
If you’ve got a base64 string as a unicode object and you try to use Python’s base64 module with altchars set, it fails with the following error:
TypeError: character mapping must return integer, None or unicode
This is pretty unhelpful error message also occurs if you try any method that indirectly use altchars. For example:
base64.urlsafe_b64decode(unicode('aass'))
base64.b64decode(unicode('aass'),'-_')
both fail while the following works:
base64.urlsafe_b64decode('aass')
base64.b64decode(unicode('aass'))
While it’s not complicated to fix it (just convert any unicode string to ascii string), it’s still annoying.
URL-Safe Timestamps using Base64
Passing around timestamps in URLs is a common task. We usually want our URLs to be as shortest as possible. I’ve found using Base64 to result in the shortest URL-safe representation, just 6 chars. This compares with the 12 chars of the naive way, and 8 chars when using hex representation.
The following Python functions allow you to build and read these 6 chars URL-safe timestamps:
Continue reading URL-Safe Timestamps using Base64
“CC Yourself” and Spam
Every good web programmer will note that the following contact form markup is probably flawed
<form>
...
<input type="hidden" name="to" value="support@example.com" />
...
</form>
as it is likely that if the value of the “to” field changes the message will be sent to the modified address. The problem with this kind of functionality is that it allows a malicious user to send emails from your mail server. More specifically, it can allow spammers to user your benign server t send their spam (and as a side effect you might be flagged as a spammer yourself).
As this case is pretty obvious one doesn’t see many real-life uses of it anymore (but careless programmers used it more often n the past until they learned better). However one can achieve similar goals (spam-wise) by utilizing a common feature in contact forms: the “CC yourself” checkbox.
Continue reading “CC Yourself” and Spam
Using MusicBrainz when Ripping CDs in KDE
I guess this tip is Gentoo specific. By default KDE uses FreeDB for getting CD info when ripping CDs. If you want to use MusicBrainz native service (not via their FreeDB proxy), there are several steps you’ll need to take.
Continue reading Using MusicBrainz when Ripping CDs in KDE
Disable Touchpad Tapping in Kubuntu
In Ubuntu (gnome) there is an easy graphical way to disable tapping on the touchpad. However, KDE lacks such thing. But lacking graphical configuration doesn’t mean this should be difficult. All you need is the gsynaptics package. The package provides a small utility called synclient. Now you can disable tapping by doing
synclient TapButton1=0
To disable the tapping permanently you should use the following to run the command at the start of every KDE session.
echo "synclient TapButton1=0" > ~/.kde/env/disable-tapping.sh
Using Duplicity and Amazon S3 – Notes and Examples
Up until now I’ve been doing my backups to Amazon S3 using my s3backup script. While it’s simple and does what I needed at the time, I’ve decided to cut some of the costs by switching to incremental backups.
Continue reading Using Duplicity and Amazon S3 – Notes and Examples
Upgrading All QT Modules in Gentoo
Upgrading minor versions QT seems to be a hassle, as each version blocks the previous and because of inter-dependencies, Gentoo can’t understand by itself how to solve them. The solution is to tell it to specifically upgrade all installed modules.
Continue reading Upgrading All QT Modules in Gentoo
NVidia driver fails to initialize after X restart
This is mainly a note to myself. Sometimes when the X server is restart it complains that nvidia driver couldn’t be initialized and that no screens were found. This may be a result of a version mismatch between X11’s and the kernel’s nvidia module. The solution is to
modprobe -r nvidia
before restarting the X server.
Blocking IP Range using UFW
Uncomplicated Firewall (ufw) is one of the greatest frontends to IPTables I’ve encountered. It is very simple to use and I just wish it was also available for Gentoo. Up until recently everything went smoothly for me and ufw, but we hit some rough waters when I’ve tried to block an IP range.
To block an IP or IP range in ufw you should do
sudo ufw deny from 188.162.67.197/21