There is one good simple rule for WSGI. Do not do WSGI stuff from scratch. Use a reputable Python web framework that has already done all the hard work as far as addressing the most common application side security issues.
What Python web framework are you using? Graham On Saturday, 17 December 2011, Garito <[email protected]> wrote: > Thanks Drew! > As I said I'm reading the developing guide from OWASP but they cover > mostly PHP, ASP.NET and Java > Nothing about Python nor WSGI > > On 16 dic, 22:23, Drew Yeaton <[email protected]> wrote: >> Hey Garito, >> >> This probably isn't the mailing list you need; it's for modwsgi specifically, not general purpose development questions. It appears that a OWASP-specific mailing exists here: >> >> https://lists.owasp.org/mailman/listinfo >> >> Drew >> >> On Dec 16, 2011, at 4:16 PM, Garito wrote: >> >> >> >> >> >> >> >> > Everything! >> > Ideally will be a guide who covers the whole process (from systems to >> > developing) but I know this is idealistic >> >> > Now I'm reading the OWASP developing guide but this is a generic >> > developing security guide >> >> > Thanks! >> >> > On 16 dic, 22:01, Graham Dumpleton <[email protected]> wrote: >> >> On 17 December 2011 07:51, Garito <[email protected]> wrote: >> >> >>> Hi all! >> >>> I'm in the last stage of developing my programming language (?) called >> >>> Yanged (I consider it a programming language but not sure at all) >> >> >>> It's based on mindmaps. I mean I use mindmaps as source code in Yanged >> >> >>> To test it, I'm developing an ecommerce plataform very basic but good >> >>> enought for people who don't need special sell processes and don't >> >>> like magnetos and this other tipical more hard ecommerce solutions >> >> >>> I hope I could finish it next month or sometime near that >> >> >>> So, I begin to put the security layer to the language but I'm not a >> >>> security expert so far >> >> >>> Here is my question part off topic, part not: could you point me to a >> >>> good documentation about security (the off topic?) that talks about >> >>> wsgi (the non off topic) in particular? >> >> >> Are you talking about WSGI in general or Apache/mod_wsgi in particular? >> >> >> You may also have to be a bit more specific as the question is quite vague. >> >> >> Graham >> >> > -- >> > You received this message because you are subscribed to the Google Groups "modwsgi" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to [email protected]. >> > For more options, visit this group athttp:// groups.google.com/group/modwsgi?hl=en. > > -- > You received this message because you are subscribed to the Google Groups "modwsgi" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to [email protected]. > For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en. > > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.
