400 means general client error, so it's perfectly fine for an invalid
query parameter. 200 tells the client it's OK to bookmark this URL,
and messes up your access log statistics. 500 makes it look like the
server is broken. Often these malformed URLs are dumb spiders or
attacks, and 400 tells them to go to hell. On my sites I've seen URLs
without required query parameters (indicating they didn't go through
my links), or with a parameter set to an external URL (spam attempt).
It's an easy one-liner to do:
abort(400, "required query param 'foo' missing")
On Fri, Aug 22, 2008 at 10:51 PM, Ben Bangert <[EMAIL PROTECTED]> wrote:
> @validate already has 4 too many options, there's no way it should
> have any more, in fact, it shouldn't have as many as it does. ;)
>
> It needs some serious re-working, likely as several decorators, or options
> that can be combined in various ways, to avoid having a single function with
> 10+ keyword options (eeeeek). There was a proposal awhile back to split it
> up, I think that should be revisited. I see no problem with making this an
> option for those that want it, we just need it in a new validate setup.
http://pylonshq.com/project/pylonshq/ticket/405
I want to work on this when I have time because there are so many
cases where @validate is too monolithic. (E.g., need a database
record to validate against, don't need a whole validator class.) In
the meantime there's code in the ticket if somebody wants to try it
out.
--
Mike Orr <[EMAIL PROTECTED]>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
