Should Anti Virus and Anti Malware layer be the first layer in web application stack or can it seat behind services?

Can you have Anti Virus and Anti Malware layer sitting deep with the microservice layer and have the malicious file flow through all the services ? Argument being the file is in memory and not getting processed until the service we will put the Anti Virus and Anti Malware layer on.

Shouldn’t this be stopped at the routing layer of the application?

Can I permanently banish a devil from one layer of the Hells to another using the Banishment spell?

Can I permanently banish a devil from one layer of the Hells to another using the banishment spell?

Let’s say my party is on Avernus. They are attacked by a devil who’s native to Dis (or some other layer of the Nine Hells), and one of the characters casts banishment on it. Are Dis and Avernus considered two different planes, or would the devil be banished to a harmless demiplane for 1 minute?

VPN as a temporary layer of security?

I have a startup working on Django app, that will be processing sensitive personal and financial information. We’re just finalizing a prototype of the product (no paying clients, no investors), so we’re under-staffed on a limited budget.

Our product is a B2B tool, the first users of the prototype will be just a few employees in 2 companies. As a temporary security measure, I am considering setting up a VPN for them and making the production servers inaccessible for public.

It was a pain in the ass to set up for me – OpenVPN server, routing, internal DNS, now HTTPS (not really needed but browses give warnings to the end user). It looks like it will be even more pain to maintain it.

Is a VPN something you would actually do to increase security of an application? Or maybe I’m overthinking and it’s generally safe to host Django apps in public (there is no open sign-up, only a login form is really public).

Can you recommend a step-by-step guide / checklist that I should go through before releasing a Django app to public?

At which phase of boot process could one modify scancode/keycode translation tables of keyboard drivers supporting the Linux input layer API?

I am using keyfuzz to map Alt-Eject to Alt-SysRq in Mac keyboard (See here). But on recent (X)ubuntus it is preferred to use systemd service to run the needed command at startup. I wonder how early I can put that service to be executed? Like which WantedBy=, After=, Before= and such attributes to use so that the configuration works and will not be overwritten? Will it work even in rescue mode boot then?

here is some reference about dependencies between different targets.

Seperating Persistance Layer and Domain Layer

I have been reading alot about Domain Driven Design lately, and starting to feel a little more confident, than when i first touched this topic. I’m using a an Asp Core project, with class libraries for:

  • PersistanceLayer
  • DomainLayer(Service)
  • ApplicationLayer
  • UILayer

Let’s say i have an entity called “Company”, this will have a model in:

  • PersistanceLayer(Persistance model/PM)
  • DomainLayer(Domain model/DM)
  • Application/UI-Layer(Data transfer object/DTO)

I see many people talking about doing mapping from PM to DM in the repository, when some of my models has five-hundred properties it’s not appropriate to have a constructor with this many fields.

I know some of you will say that this model can be refactored etc, but since i’m writing software for my organization and we use old systems thats been around for 30 years, so this is not an option at the moment. I would also like to have domain-events triggered inside the DM, so by assembling a “Company” in the serviceclass, will trigger events.

I basically need a factory function inside my DomainModel that accepts a PersistanceModel and do not trigger any events, is this smelly good? And what are the pros/cons for going with this approach?

Actions including layer fill.

I'm operating in Windows on CC2019.

I'm writing an action in which I include a layer fill. I want it so that when I run the action it fills the layer with the foreground colour I have selected at the time of the running the action each time I run it.

But whenever I record the action, it embeds the colour value of the foreground colour (say 100% cyan) at the time of recording it. So everytime I run it subsequently it fills with 100% cyan no matter what foreground colour is selected.

I know…

Actions including layer fill.

Actions including layer fill.

I'm operating in Windows on CC2019.

I'm writing an action in which I include a layer fill. I want it so that when I run the action it fills the layer with the foreground colour I have selected at the time of the running the action each time I run it.

But whenever I record the action, it embeds the colour value of the foreground colour (say 100% cyan) at the time of recording it. So everytime I run it subsequently it fills with 100% cyan no matter what foreground colour is selected.

I know…

Actions including layer fill.

What architecture layer does GraphQL is part of?

I’m currently dealing with a GraphQL project with poor architecture. I read about where to put AuthZ checks and they refer to the “business layer” as to be called from a GraphQL resolver.

Up till now, I thought GraphQL belong in the Data Access Layer (or at least, JUST BEFORE the DAL), but it now looks like it belongs in the most outside layer, similar to a “controller”.

What layer does it belongs to?

Serverless Architecture – Integrating with Data Layer

My question is in context with the Serverless Architecture (e.g. AWS Lambda) and how does one interact with the Databases in this system.

Typically in a 3 Tier architecture, we have a web service which interacts with the Database. The idea here is to ensure that one database table is owned by one component. So changes in there, does not require changes in multiple places and there is also a clear sense of ownership so scaling and security are easier to manage.

However, moving to serverless architecture, this ownership is no more clear and exposing a web service to access a database and having a Lambda use this web service does not make sense to me.

I would like to know a bit on the common patterns and practices around this.

Ruby Array being passed wrong to the javascript layer

I have an application, where I have an Array of elements on my controller. I want to pass this Array to a Javascript view, and then convert it to a JSON and parse it.

This is my View:

<% content_for :page_meta do %>     <script>         const filterItems = "<%= @filter_options %>";         const productItems = "<%= @mdms_products %>";                </script> 

If I debug @filter_options. I have this on IRB:

@filter_options.class = Array 

And the value:

[{:name=>"Solution Type", :uid=>"application", :component=>"HierarchicalListFilter", :props=>{:rootUrl=>"/insulation/commercial/enclosure/applications", :rootText=>"Enclosure Solutions"}, :values=>[{:name=>"Walls", :slug=>"walls", :children=>[{:name=>"Framed", :slug=>"framed", :children=>[{:name=>"Steel Stud", :slug=>"steel-stud"}, {:name=>"Wood Stud", :slug=>"wood-stud"}]}, {:name=>"Masonry", :slug=>"masonry", :children=>[{:name=>"Concrete Masonry Unit", :slug=>"concrete-masonry-unit"}]}, {:name=>"Concrete", :slug=>"concrete", :children=>[{:name=>"Precast", :slug=>"precast"}, {:name=>"Tilt-up", :slug=>"tilt-up"}, {:name=>"Cast-in-place", :slug=>"cast-in-place"}]}, {:name=>"Metal Building", :slug=>"metal-building"},  

Everything looks perfect right? But, on my javascript console debug, when I get the value of productItems I get this weird String:

[{:name=&gt;&quot;Solution Type&quot;, :uid=&gt;&quot;application&quot;, :component=&gt;&quot;HierarchicalListFilter&quot;, :props=&gt;{:rootUrl=&gt;&quot;/insulation/commercial/enclosure/applications&quot;, :rootText=&gt;&quot;Enclosure Solutions&quot;}, :values=&gt;[{:name=&gt;&quot;Walls&quot;, :slug=&gt;&quot;walls&quot;, :children=&gt;[{:name=&gt;&quot;Framed&quot;, :slug=&gt;&quot;framed&quot;, :children=&gt;[{:name=&gt;&quot;Steel Stud&quot;, :slug=&gt;&quot;steel-stud&quot;}, 

And of course, when I try to do a JSON.parse(filterItems) it shows a parse error.

So, Whats is the better way to pass an Ruby Array, to a Json in Javascript?