Stuff I'm Up To

Technical Ramblings

DMARC, SPF and DKIM — November 11, 2016


For several ears now we’ve run a fairly tight ship on our email server. It consumes an awful lot of resources mainly because of how many businesses out there fail to properly configure their email server correctly. By far the biggest failing is not using the proper HELO/EHLO name and not having a reverse DNS (RNDS/PTR) record that matches.

So please, if you’re an email admin, get it sorted. This is an internet standard from way back in the 1980’s and beyond!

Adding to our anti-spam systems using DKIM and SPF we’ve brought in DMARC to enforce compliance with these standards. So in future we’ll be telling recipients to reject mail claiming to be from our domain that fails to meet the SPF and DKIM checks.

Continue reading

Invalid View Path, Token Mismatch — November 7, 2016

Invalid View Path, Token Mismatch

Somehow I managed to bork my Laravel development app. I’m not entirely sure what I did as I only changed one of my config files, but I was getting a blank page when visiting the site. Checking the Laravel log showed nothing. Checking the Nginx logs suggested a permission problem. So I cleared the storage folder and things didn’t get any better!

So I Tried:

$ php artisan cache:clear
$ php artisan config:clear
$ php artisan view:clear

Which resulted in:

View path not found.

Continue reading

NGINX and Laravel — September 20, 2016

NGINX and Laravel

NGINX needs a little special setup to handle Laravel as Laravel only really serves one page. All others are served through index.php as a route.

index index.php;

location / {
    # First attempt to serve request as file, then
    # as directory, then fall back to displaying index.php.
    try_files $uri $uri/ /index.php$query_string;

They key parts here are serve index.php as the index page and then using try files when it can’t find $uri serve up index.php and pass the $query_string as the parameters.

Continue reading

spatie\laravel-permission — September 16, 2016
Adldap2\Adldap2-Laravel — September 14, 2016
Laravel Redirect to Intended — September 13, 2016
It’s getting late — September 11, 2016
Laravel CSRF & $.ajax() — September 8, 2016

Laravel CSRF & $.ajax()

Laravel has a nice built in feature to prevent Cross Site Request Forgeries. In each form you simply drop in a {{ csrf_field() }} and you end up with an _token field that Laravel sniffs out on each submission. If it doesn’t match the sent token the submission fails.

I was trying to use JQuery and retrieve data and faced the problem that my token never matches as my $.ajax() command was not sending it.

There’s more than one way to skin a cat. You need to get the _token parameter into the $.ajax() request. You can either use blade to write it into your JavaScript, fetch it using a JQuery selector or probably the easiest way make it part of the $.ajax() call by default.

Continue reading