Hi Jens,
I would try to factor out as many code as possible which is common to both
views into a separate function and use this function both context. I
assume the validation and setting values in the profile work in the same
way and does not rely on its context.
This way you can implement
Am Freitag, 4. August 2017 15:24:26 UTC+2 schrieb Torsten Irländer:
>
> Thanks for your reply Bert!
>
> Ok, in this case I think I am using the wild_domain option correct but the
> behaviour is not correct and there seems to be a defect. However I set this
> option always
Thanks for your reply Bert!
Ok, in this case I think I am using the wild_domain option correct but the
behaviour is not correct and there seems to be a defect. However I set this
option always to cookies are set.
I will file a issue for this.
Torsten
--
You received this message because you
Hi,
I'm in doubt how to use the "wild_domain" option in
AuthTktAuthenticationPolicy correct or if I found a defect. Before opening
a ticket I want to ask here.
I'm using for AuthTktAuthenticationPolicy cookie-based authentification for
a site hosted under "my-app.foo.example.com"
As
Hi,
I would like to see a the security topic being covered. I would like to see
how to handle the TOP10 OWASP security threats in Pyramid by simple
examples. Just to get the idea for those who are new to this and make
others aware that this is an important part of web development. I think
this
a lot managing larger forms.
Maybe this is of some value for you.
[0] http://formbar.readthedocs.org/en/latest/start.html
Torsten
--
Torsten Irländer | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH, 49074 Osnabrück, DE | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koorman
on the transaction from unauthenticated_userid on every
request.
On Thu, Jul 9, 2015 at 1:16 PM, Torsten Irländer tors...@irlaender.de
wrote:
I came up with a first version of a tween which seems to do what I want
on the first tests. Does this look reasonable or is there a better way?
from
Hi,
I am using the AuthTktAuthenticationPolicy for authentification and set a
timeout to invalidate the auth_tkt cookie after some time of user
inactivity. The cookie's timeout is reissued on every request which
requires an authetification. This works good so far.
What I want is to reissue the
by triggering
requests this tween will refresh the timeout on every request.
policy = request.registry.queryUtility(IAuthenticationPolicy)
policy.cookie.identify(request)
return handler(request)
return refresh_auth_timeout_tween
Torsten Irländer tors...@irlaender.de schrieb
If you just want to get the latest version of a given branch you will not
need to use the setuptools_git for this:
http://stackoverflow.com/questions/3472430/how-can-i-make-setuptools-install-a-package-thats-not-on-pypi
One drawback seems to be the versioning of the software you fetch from the
Hi,
I gave it a try, too. MacOS X 10.10, Python 2.7.9 from MacPorts.
Everything worked fine.
Great! Thanks for your feedback and congratulation, you are the first
official MacOS user of Ringo :) If there is anyone else who want to be the
first one on other OS too then go for it. There are
2015-01-03 22:36 GMT+01:00 Bert JW Regeer xiste...@0x58.com:
On Jan 2, 2015, at 17:25 , tamgoma...@gmail.com wrote:
but this gives me an error (see full traceback below):
ImportError:
/home/xxx/.local/lib/python2.7/site-packages/lxml/etree.so: undefined
symbol:
2015-01-04 15:13 GMT+01:00 Laurent DAVERIO ldave...@gmail.com:
Great! Thanks for your feedback and congratulation, you are the first
official MacOS user of Ringo :) If there is anyone else who want to be
the first one on other OS too then go for it. There are plenty options
left ;)
OK,
2015-01-03 1:25 GMT+01:00 tamgoma...@gmail.com:
Hi, this looks very nice, but I am not able to get it running - the
instructions in the 'get started' section of the website do not get me
started, unfortunately.
Sorry for the inconvenience but as Steve already noticed there are some
flaws
Steve,
Thanks for helping here and sharing your steps to get a working Ringo
application! Good to see that people give it a try and actually get it
running:)
I have revised the documentation. Please note that the documentation was
missing an important step:
After creating a new module the
Hi all,
Happy new year to you and all the best!
I just wanted to let you know about a little pyramid based project I worked
on
the last couple of months:
Ringo. A high level web application framework (yet another). See
http://ringo-dev.intevation.de/ for more information.
Maybe this is or
Sorry for the double post here. This mail was swent before the other one
and i assume it has been kept back in the spam filter.
Please ignore this post. Maybe a list admin can even delete it?
Am 03.01.2015 08:22 schrieb Torsten Irländer tors...@irlaender.de:
Hi all,
Happy new year to you
Hi first thanks for your feedback. I am.sorry that it did not work out for
you yet. I will look into it this evening and will write a littlebit more
on this.
Torsten
Am 03.01.2015 08:22 schrieb tamgoma...@gmail.com:
Hi, this looks very nice, but I am not able to get it running - the
/pyramid.rst
Thank you!
--steve
On 1/1/15 at 10:59 AM, tor...@irlaender.de javascript: (Torsten
Irländer) pronounced:
Hi all,
I just wanted to let you know about a little pyramid based
project I worked on
the last couple of months:
Ringo. A high level web application framework
Hi all,
I just wanted to let you know about a little pyramid based project I worked
on
the last couple of months:
Ringo. A high level web application framework (yet another). See
http://ringo-dev.intevation.de/ for more information.
Maybe this is of any use for someone here. Your feedback is
When it comes to general vulnerabilities regarding in web development
pyramid, like CSRF, XSS, Clickjacking or other Injection attacks pyramid is
IMHO as vulnerable as any other framework else. It is up to you to not
mess around in the code and to take care for sufficient pretection. Some of
Am Dienstag, 9. Dezember 2014 16:52:03 UTC+1 schrieb lostdorje:
Building a startup with a small team, how to decide between using Pyramid
(or possibly Django) or Ruby?
When deciding between the programming languages Python and Ruby I would go
for
Python. Python has a strong and stable user
--
Torsten Irländer | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH, 49074 Osnabrück, DE | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
--
You received this message because you are subscribed to the Google Groups
pylons-discuss
Hi,
+1 for mako.
I also use mako to generate the CSS files if I want to add some dynamic
content. This works pretty well so far here.
Am Dienstag, 21. Oktober 2014 00:31:00 UTC+2 schrieb gazza:
Hello,
Normally I would pass my context object to a template. However I would
like to
pass
On Thu, Sep 04, 2014 at 08:24:18PM +0200, Lele Gaifax wrote:
Torsten Irländer tors...@irlaender.de
writes:
I do not see any technical problems using a webapplication framework like
pylons or pyramid with ExtJs.
The problem is IMO more of understanding how thing work together
I do not see any technical problems using a webapplication framework like
pylons or pyramid with ExtJs.
The problem is IMO more of understanding how thing work together in such an
architecture, this is quite different to the old shool way of building
websites. And this is the point where i am
On Mon, Aug 11, 2014 at 12:01:04PM -0700, 'gazza' via pylons-discuss wrote:
hello,
Currently I'm using pylons 1.1 and some basic javascript, css and html.
I was thinking of moving to ExtJs. However I would like to keep my pylons
but I want to use a web framework that allows me construct web
Hi,
Currently my model has some reference to pyramid specific stuff like the
current request.
In order to make the design of the model more clean I try to refactor the
model and get rid of the request references in the model. Well, the model
is not planed to be used anywhere than within the
On Tue, Jul 29, 2014 at 03:59:05PM -0700, Laurence Rowe wrote:
On Thursday, 24 July 2014 23:55:29 UTC-7, Torsten Irländer wrote:
Hi Laurence,
My goal is to replace this central db connection (with credentials held as
plaintext in the ini file) with a per request connection with credetials
Am Freitag, 25. Juli 2014 08:55:29 UTC+2 schrieb Torsten Irländer:
Hi,
Does anyone have experience in this?
Thanks everyone for the answers and hints to be aware of. It helped me a
lot!
Similar to Lele my application will not have too many users. So exceeding
the max connection
Hi,
I am not sure if this topic should better be in the sqlalchemy group but as
it is directly related to the way pyramid web applications are driven
often I ended up posting here.
I have a webapplication using sqlalchemy and ORM with one single connection
(or better a connection pool) to
On Fri, Jul 25, 2014 at 09:44:32AM +0200, Lele Gaifax wrote:
Torsten Irländer tors...@irlaender.de
writes:
Hi Lele,
My goal is to replace this central db connection (with credentials held as
plaintext in the ini file) with a per request connection with credetials
provided by the user
, etc...
[0] http://invoke.readthedocs.org/en/latest/
--
Torsten Irländer | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH, 49074 Osnabrück, DE | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
--
You received this message
Am Donnerstag, 3. Juli 2014 15:30:09 UTC+2 schrieb Bert JW Regeer:
Hello Bert,
If your GET requests are not idempotent (i.e. They will always return the
exact same response, and don’t modify any state) there is no cross site
request forgery that can happen.
I think you mean if the GET
Am Dienstag, 8. Juli 2014 15:23:47 UTC+2 schrieb Chris Rossi:
On Tue, Jul 8, 2014 at 2:27 AM, Torsten Irländer tor...@irlaender.de
javascript: wrote:
I think the general conclusion that GET request are not vulnerable is
only true under certain circumstances. And I as a implementer do
Am Freitag, 4. Juli 2014 11:05:49 UTC+2 schrieb cornelius:
Am 04.07.2014 10:21, schrieb Torsten Irländer:
As I did not wanted to keep track on synchronizer tokens on the server
side, the original web application read the session cookie from the browser
and added the this token
Am Donnerstag, 3. Juli 2014 10:48:24 UTC+2 schrieb cornelius:
Am 03.07.2014 08:43, schrieb Torsten Irländer:
Am Donnerstag, 3. Juli 2014 00:32:15 UTC+2 schrieb cornelius:
Am 02.07.2014 23:01, schrieb Torsten Irländer:
Am Mittwoch, 2. Juli 2014 17:00:02 UTC+2 schrieb Bert JW
Am Donnerstag, 3. Juli 2014 00:32:15 UTC+2 schrieb cornelius:
Am 02.07.2014 23:01, schrieb Torsten Irländer:
Am Mittwoch, 2. Juli 2014 17:00:02 UTC+2 schrieb Bert JW Regeer:
On Jul 2, 2014, at 7:29, Torsten Irländer tor...@irlaender.de wrote:
I guess that most people only talk
Am Donnerstag, 3. Juli 2014 01:15:41 UTC+2 schrieb Randall Leeds:
On Wed, Jul 2, 2014 at 2:01 PM, Torsten Irländer tor...@irlaender.de
javascript: wrote:
Am Mittwoch, 2. Juli 2014 17:00:02 UTC+2 schrieb Bert JW Regeer:
On Jul 2, 2014, at 7:29, Torsten Irländer tor...@irlaender.de
Am Donnerstag, 3. Juli 2014 09:03:32 UTC+2 schrieb Bert JW Regeer:
On Jul 3, 2014, at 00:57 , Torsten Irländer tor...@irlaender.de
javascript: wrote:
Hmm... I was thinking of a simple HTML mail with some JS code which gets
executed in Alice browser when opening the Mail
Hi,
I need to protect some of my GET requests in the application against CSRF
attacks.
AFAIKS many (if not all) resources writing about CSRF protection say that
this is usually only need to be done for POST requests which will change
data or the state of the application. However I feel the
Am Mittwoch, 2. Juli 2014 17:00:02 UTC+2 schrieb Bert JW Regeer:
On Jul 2, 2014, at 7:29, Torsten Irländer tor...@irlaender.de
javascript: wrote:
I need to protect some of my GET requests in the application against
CSRF attacks.
AFAIKS many (if not all) resources writing about CSRF
On Mon, Jul 15, 2013 at 02:11:29PM +0200, Antonio Beamud Montero wrote:
Exists a tween like maintenance-mode in Django?
On the other hand, what's the best approach to solve this situation?
a) Directly in apache, redirecting to a static site?
IMO this is the right way.
b) Changing the routes
.
To post to this group, send email to pylons-discuss@googlegroups.com.
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.
--
Torsten Irländer | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH
Hi,
I am currently migrating my Pylons application to Pyramid and I have some
questions on how to realize things in the pyramid way.
In my old applications I often used a kind of base library which provides
default templates and basic static files which can be overwritten by the
application.
regards
robert
On Mon, Jan 28, 2013 at 1:17 PM, Torsten Irländer
tor...@irlaender.dejavascript:
wrote:
Hi,
I am currently migrating my Pylons application to Pyramid and I have
some
questions on how to realize things in the pyramid way.
In my old applications I often used
46 matches
Mail list logo