Skip to main content

A simple integration of the CTX defense against side-channel attacks for Django projects.

Project description

django-ctx
==============

A simple integration of the CTX defense against side-channel attacks for Django projects.

Requirements
============

- Python 2.5+
- Django 1.9+
- ctx-defense

Installation
============

- Install the latest stable version using ``pip``:

```sh
pip install django-ctx
```

Configuration
=============

- Add ctx to your *INSTALLED_APPS* setting:
```python
INSTALLED_APPS = (
...
'django_ctx',
)
```

- Ctx processes the *context* for template requests, which is implemented using a
*context processor*. Add the ctx processor to your *context_processors* setting:
```python
context_processors = (
...
'django_ctx.context_processors.ctx_protect',
)
```

Basic Usage
===========

- Load the ctx tag library:
```html
{% load ctx_tags %}
```

- Use the *ctx_protect* tag to use ctx on secrets:
```html
{% ctx_protect secret origin alphabet %}
```

*secret* is a string containing the secret that needs to be protected and *origin*
is a string uniquely identifying the CTX origin for the secret. *alphabet* is
an optional argument to define the alphabet that the secret belongs to, default
being 'ASCII' which refers to the [ASCII
printable](https://docs.python.org/2/library/string.html#string.printable) characters.

- Add the *ctx_permutations* tag to include the used permutations for each
origin:
```html
{% ctx_permutations %}
```
The *ctx_permutations* tag needs to be included after all *ctx_protect* tags
that use an origin for the first time. It is proposed that it is included
before the *</body>* HTML tag.

- Include the ctx *client script* in the template:
```html
<script src="ctx.js"></script>
```

Example
=======
```html
<!DOCTYPE html>

<html>

<head>
<meta charset="utf-8">
<title>django-ctx Example</title>
</head>

<body>
{% load ctx_tags %}

This is a very sensitive secret from origin1: {% ctx_protect "my secret" "origin1" %}
This is another very sensitive secret from origin2: {% ctx_protect "my other secret" "origin2" "ASCII_printable" %}

{% ctx_permutations %}
<script src="ctx.js"></script>
</body>

</html>
```


Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

django_ctx-1.0.0-py2.py3-none-any.whl (6.7 kB view details)

Uploaded Python 2Python 3

File details

Details for the file django_ctx-1.0.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for django_ctx-1.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 2fc9bb31ec1c1d83220f46a2ac278181cf5671ac545cec8ebb7043e966befca1
MD5 662e47b700afb36b06c2345808c407c2
BLAKE2b-256 86f663928ae8cfcd8e7626ebfe7568e844604659af8c8ffa9dc89ca19ad7a886

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page