Re: Pylons' redirect_to function does not work with HTTPS

2009-08-03 Thread hekevintran 

Yes, WebFaction uses nginX for HTTPS.  WebFaction said that they send
'X-FORWARDED-PROTO' and 'X-FORWARDED-SSL' headers which apparently
Pylons doesn't parse.  Is there a better solution here?

On Aug 2, 10:28 pm, Mike Orr sluggos...@gmail.com wrote:
 On Sun, Aug 2, 2009 at 9:03 PM, hekevintranhekevint...@gmail.com wrote:

  I found a good solution.  It will know which protocol to use if you
  specify it in the function call to redirect_to:

  return redirect_to(protocol='https', controller='myController',
  action='index')

 That's a workaround, yes.  Is WebFaction doing proxying?  Because my
 HTTPS application uses ProxyPass and the URLs are generated correctly
 even without the protocol option.

 --
 Mike Orr sluggos...@gmail.com
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Using %(here)s in logging config

2009-08-03 Thread kochhar 

Mike Orr wrote:
 On Fri, Jul 31, 2009 at 12:05 PM, kochharkochhar...@gmail.com wrote:
 Hi all,

 I'm trying to use the %(here)s variable in my logging config but I get the
 following error:

 ConfigParser.InterpolationMissingOptionError: Bad value substitution:
section: [handler_file]
option : args
key: here
rawval : ('%(here)s/var/log/krumplez.local.log', 'midnight', 1, 3)

 The corresponding section of my ini file is:

 [handler_file]
 class = handlers.TimedRotatingFileHandler
 args = ('%(here)s/var/log/kurmplez.local.log', 'midnight', 1, 3)
 level = NOTSET
 formatter = generic

 Google wasn't very helpful in figuring out how to configure logging output 
 to a
 directory relative to the config file. Is there some trick to getting the
 interpolation to work? The comment at the top of the file says:
 # The %(here)s variable will be replaced with the parent directory of this 
 file
 #
 
 The file is used in two different ways.  Variables are extracted using
 paste.deploy.loadwsgi.NicerConfigParser, which interpolates %(here)s.
 Logging configuration is done by logging.config.fileConfig, which
 doesn't know about interpolation.  

That's quite non-intuitive. What's the benefit of lumping the configs together 
if they behave differently? Could NicerConfigParser be used to generate an 
temporary interpolated version of the config file to give to logging's 
fileConfig? I'd be happy to write a patch if that's a reasonable fix.

 You'll probably have to use
 absolute paths.  Or if you're running the application under
 Supervisor, you can let it default to stdout and then redirect it to a
 file in the Supervisor config.

I'm using absolute paths now, it makes running the app from multiple locations 
painful.


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Using %(here)s in logging config

2009-08-03 Thread Mike Orr 

On Mon, Aug 3, 2009 at 2:41 AM, kochharkochhar...@gmail.com wrote:

 Mike Orr wrote:
 On Fri, Jul 31, 2009 at 12:05 PM, kochharkochhar...@gmail.com wrote:
 Hi all,

 I'm trying to use the %(here)s variable in my logging config but I get the
 following error:

 ConfigParser.InterpolationMissingOptionError: Bad value substitution:
        section: [handler_file]
        option : args
        key    : here
        rawval : ('%(here)s/var/log/krumplez.local.log', 'midnight', 1, 3)

 The corresponding section of my ini file is:

 [handler_file]
 class = handlers.TimedRotatingFileHandler
 args = ('%(here)s/var/log/kurmplez.local.log', 'midnight', 1, 3)
 level = NOTSET
 formatter = generic

 Google wasn't very helpful in figuring out how to configure logging output 
 to a
 directory relative to the config file. Is there some trick to getting the
 interpolation to work? The comment at the top of the file says:
 # The %(here)s variable will be replaced with the parent directory of this 
 file
 #

 The file is used in two different ways.  Variables are extracted using
 paste.deploy.loadwsgi.NicerConfigParser, which interpolates %(here)s.
 Logging configuration is done by logging.config.fileConfig, which
 doesn't know about interpolation.

 That's quite non-intuitive. What's the benefit of lumping the configs together
 if they behave differently? Could NicerConfigParser be used to generate an
 temporary interpolated version of the config file to give to logging's
 fileConfig? I'd be happy to write a patch if that's a reasonable fix.

The 'benefit' is using Python's standard configuration mechanism.  The
code is all in paste.deploy.loadwsgi or thereabouts, so you'd have to
file a bug there and convince Ian to include it.

One thing I wish it would do is to configure the logging when loading
the file standalone; e.g., in model tests.  Currently it configures
logging only  when you go through 'paster serve'.

-- 
Mike Orr sluggos...@gmail.com

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Using Multiple Databases (SQLALCHEMY)

2009-08-03 Thread Wyatt Baldwin 

On Aug 1, 10:20 am, Raoul Snyman raoul.sny...@gmail.com wrote:
 2009/8/1 RossC sendrossem...@gmail.com:

  I've followed the instructions about adding databases and using binds
  instead of bind to the SA Session; However and this is the bit that
  I'm missing, how do I associate a table def / Model with that second
  Session connection? and indeed how do I connect using the DB details
  selected from the central Database?

  Can this be done using SA? or do I have to use the DB Engine API?

 While I haven't done dynamic database connections, I have written a
 Pylons app that connects to 3 different databases using SQLAlchemy. I
 had to use 3 different Session and metadata objects.

It is fairly straightforward to have just *one* metadata and *one*
Session with multiple engines. You can use the `binds` arg when
creating the session, or you can subclass `Session` and override
`get_bind` (that's what I did). Don't know if that's helpful for your
situation...

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Parsing hash arguments in routing.py

2009-08-03 Thread Roy Hyunjin Han 

It seems that pylons truncates part of the URL including and after the hash.

For example, there does not seem to be a way to extract the xxx in the
following URL: http://zzz#xxx

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Parsing hash arguments in routing.py

2009-08-03 Thread Mike Orr 

On Mon, Aug 3, 2009 at 12:01 PM, Roy Hyunjin
Hanstarsareblueandfara...@gmail.com wrote:

 It seems that pylons truncates part of the URL including and after the hash.

 For example, there does not seem to be a way to extract the xxx in the
 following URL: http://zzz#xxx

The fragment part is never sent to the server; it's used by the
browser to scroll to a position within the page.  So what Pylons
receives is http://zzz;.

-- 
Mike Orr sluggos...@gmail.com

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Using Multiple Databases (SQLALCHEMY)

2009-08-03 Thread Ross Vandegrift 

On Sat, Aug 01, 2009 at 05:13:23AM -0700, RossC wrote:
 I've just started researching and prototyping with pylons and
 sqlalchemy and have a question that I'm sure can be answered quickly.
 
 My project has the requirement to connect to a central db, get a
 second connections details from that central database and then open
 another connection to that specified connection.

Do you need to maintain the original connection, or is it merely a
broker for the actual connection?

If you don't need it, have your function that sets up the model
replace the metadata and sessionmaker with new ones from the second
connection.

Ross

-- 
Ross Vandegrift
r...@kallisti.us

If the fight gets hot, the songs get hotter.  If the going gets tough,
the songs get tougher.
--Woody Guthrie

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Parsing hash arguments in routing.py

2009-08-03 Thread Ben Bangert 

On Aug 3, 2009, at 12:01 PM, Roy Hyunjin Han wrote:

 It seems that pylons truncates part of the URL including and after  
 the hash.

 For example, there does not seem to be a way to extract the xxx in the
 following URL: http://zzz#xxx

Anchors are not sent to the remote website. It's not Pylons, its the  
way the browser works.

Cheers,
Ben

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Parsing hash arguments in routing.py

2009-08-03 Thread Roy H. Han 

On Aug 3, 3:24 pm, Ben Bangert b...@groovie.org wrote:
 Anchors are not sent to the remote website. It's not Pylons, its the
 way the browser works.

 Cheers,
 Ben

On Aug 3, 4:33 pm, Mike Orr sluggos...@gmail.com wrote:
 The fragment part is never sent to the server; it's used by the
 browser to scroll to a position within the page.  So what Pylons
 receives is http://zzz;.


Ah.  I thought I found a clever way for a dynamic site to have a
bookmarkable state, but I guess not.  Thanks for responding.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Re: Using %(here)s in logging config

2009-08-03 Thread Philip Jenvey 


On Aug 3, 2009, at 2:41 AM, kochhar wrote:


 Mike Orr wrote:
 On Fri, Jul 31, 2009 at 12:05 PM, kochharkochhar...@gmail.com  
 wrote:

 The file is used in two different ways.  Variables are extracted  
 using
 paste.deploy.loadwsgi.NicerConfigParser, which interpolates %(here)s.
 Logging configuration is done by logging.config.fileConfig, which
 doesn't know about interpolation.

 That's quite non-intuitive. What's the benefit of lumping the  
 configs together
 if they behave differently? Could NicerConfigParser be used to  
 generate an
 temporary interpolated version of the config file to give to logging's
 fileConfig? I'd be happy to write a patch if that's a reasonable fix.


fileConfig accepts a set of defaults to pass to ConfigParser, so I've  
made PasteScript's logging config loader pass 'here' (and also  
'__file__' which PasteDeploy apparently sets up):

http://trac.pythonpaste.org/pythonpaste/changeset/8052

--
Philip Jenvey

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---

Is passing a session id as a post param a security risk?

2009-08-03 Thread Jesse Howarth 

For my website I'm using SWFUpload (http://swfupload.org/) to handle
multiple file uploading.  The problem is when the uploader sends an
upload request, it creates a new session.  My solution to this was to
set the session id for the mako template, and then post the session
back with SWFUpload.  Then I would load the session back with the
session id and I could use the old session.

My question is, is this a big security risk?  Is there aa better
solution to this problem (perhaps a more pylons-friendly multiple file
uploader)?

Thanks.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
pylons-discuss group.
To post to this group, send email to pylons-discuss@googlegroups.com
To unsubscribe from this group, send email to 
pylons-discuss+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/pylons-discuss?hl=en
-~--~~~~--~~--~--~---