Re: [Web-SIG] Any practical reason type(environ) must be dict (not subclass)?

I don't see this relevant message in your references. https://mail.python.org/pipermail/web-sig/2004-September/000749.html Perhaps that, and following messages, might shed more light? On Thu, Mar 24, 2016 at 3:18 PM, Jason Madden wrote: > Hi all, > > > Is there

Re: [Web-SIG] REMOTE_ADDR and proxys

[Collin] It seems to me, it is the role of the server/gateway, not the application/framework to determine the correct client ip address and correctly account for the situation of being behind a known proxy. I disagreee. I think it is the role of the server/gateway to represent the actual

Re: [Web-SIG] Fwd: Can writing to stderr be evil for web apps?

[anatoly] Martin expressed concerns that using logging module with stderr output can break web applications, such as PyPI. Please can you specify exactly what you mean by using logging module with stderr output? Dealing with stderr is a webserver specific concern. Consider the case where

Re: [Web-SIG] WSGI for Python 3

[PJ Eby] IOW, the bytes/string discussion on Python-dev has kind of led me to realize that we might just as well make the *entire* stack bytes (incoming and outgoing headers *and* streams), and rewrite that bit in PEP 333 about using str on Python 3000 to say we go with bytes on Python 3+ for

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Ian] OK, another proposal entirely: we kill SCRIPT_NAME and PATH_INFO introduce two equivalent variables that hold the NOT url-decoded values. [Graham] That may be fine for pure Python web servers where you control the split of REQUEST_URI into SCRIPT_NAME and PATH_INFO in the first place

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Ian] When things get messed up I recommend people use a middleware (paste.deploy.config.PrefixMiddleware, though I don't really care what they use) to fix up the request to be correct.  Pulling it from REQUEST_URI would be fine. That would be unworkable under java servlet containers, since

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[P.J. Eby] Actually, latin-1 bytes encoding is the *simplest* thing that could possibly work, since it works already in e.g. Jython, and is actually in the spec already...  and any framework that wants unicode URIs already has to decode them, so the code is already written. [Armin] Except

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Alan] Is there a real need out there? [Armin] In python 3, yes. Because the stdlib no longer works with bytes and the bytes object has few string semantics left. Why can't we just do the same as the java servlet spec? I.E. 1. Ignore the encoding issues being discussed 2. Give the

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Armin] Because that problem was solved a long ago in applications themselves. Webob, Werkzeug, Paste, Pylons, Django, you name it, all are operating on unicode. And the way they do that is straightforward. So what are we all discussing? Those frameworks obviously have solved all of the

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Armin] No, they know the character sets. Hmmm, define know ;-) [Armin] You tell them what character set you want to use. For example you can specify utf-8, and they will decode/encode from/to utf-8. But there is no way for the application to send information to the server before they are

Re: [Web-SIG] Request for Comments on upcoming WSGI Changes

[Armin] Of course a server configuration variable would be a solution for many of these problems, but I don't like the idea of changing application behavior based on server configuration. So you don't like the way that Django, Werkzeug, WebOb, etc, do it now, even though they appear to be

Re: [Web-SIG] WSGI 1 Changes [ianb's and my changes]

[Rene] I think you mean pre-2.2 support, not python 2.2?  iterators came about in python 2.2. [Armin] That might be.  That was before my time.  I'm pretty sure the first Python version I used was 2.3, but don't quote me on that. As WSGI was being developed, cpython was at version 2.3. The

Re: [Web-SIG] Announcing bobo

[Etienne] If you want to start a thread for Bobo, please switch mailing-list or create a new thread, as all I wanted was to tell Jim my disappointement regarding Bobo, and I still think its not very revolutionary. I completely disagree; this is definitely the appopriate list for discussing web

Re: [Web-SIG] RESTful Python email list?

[Pete] Any interest in a dedicated email list for REST + python, a la the restful-json group [0]?  The group would discuss strategies for REST architecture built with and within Python.  WSGI 1.0 vs. 2.0 vs. 2e6 is out of scope. ;-) Just a thought: is there any reason why RESTful python

Re: [Web-SIG] FW: Closing #63: RFC2047 encoded words

[James] If you want to start a discussion about having a standard parsed-header object in WSGI, that's another thing, but saying that WSGI servers should *partially* decode the headers seems rather silly to me. Hi James, It's a shame that your proposal to add the twisted header parsing

Re: [Web-SIG] Python 3.0 and WSGI 1.0.

[Sylvain] Would there be any interest in asking the HTTP-BIS working group [1] what they think about it? Currently I couldn't find anything in their drafts suggesting they had decided to clarify this issue from a protocol's perspective but they might consider it to be relevant to their

Re: [Web-SIG] Python 3.0 and WSGI 1.0.

[Sylvain] Would there be any interest in asking the HTTP-BIS working group [1] what they think about it? Currently I couldn't find anything in their drafts suggesting they had decided to clarify this issue from a protocol's perspective but they might consider it to be relevant to their

Re: [Web-SIG] WSGI Open Space @ PyCon.

[Noah] +1 on the iterator, although I might just like the idea and might be missing something important.  It seems like there are a lot of powerful things being developed with generators in mind, and there are some nifty things you can do with them like the contextlib example:  

[Web-SIG] WSGI Open Space @ PyCon.

Dear all, For those of you at PyCon, there is a WSGI Open Space @ 5pm today (Friday). The sub-title of the open space is Does WSGI need revision? An example: Philip Jenvey (http://dunderboss.blogspot.com/) raised the need for something akin to what Java folks call Lifecycle methods, so that

Re: [Web-SIG] Use both Python and Javascript in html webpages

[David] Can we use both Python and Javascript in html webpages?   Any demo on this? If you're willing to write rpython, PyPy can compile it to javascript which run can in a browser. http://codespeak.net/pypy/dist/pypy/doc/js/using.html HTH, Alan.

Re: [Web-SIG] Revising environ['wsgi.input'].readline in the WSGI specification

[Graham] I would be for (1) errata or amendment as reality is that there is probably no WSGI implementation that disallows an argument to readline() given that certain Python code such as cgi.FieldStorage wouldn't work otherwise. For such a clarification on existing practice, I see no point

Re: [Web-SIG] Newline values in WSGI response header values.

[Graham] Thus, is an embedded newline in value invalid? Would it be reasonable for a WSGI adapter to flag it as an error? From a security POV, it may be advisable for WSGI servers to *not* allow newlines in HTTP response headers; newlines in response headers may be the result of an

Re: [Web-SIG] Time a for JSON parser in the standard library?

[Bob] simplejson would give you an error and tell you exactly where the problem was, Another good point. Other JSON modules should follow simplejson's lead, and provide access to the location in the document where the lexical or parse error occurred, so that the offending document can be

Re: [Web-SIG] Time a for JSON parser in the standard library?

[John] I'm interested in whether you generally use JSON to communicate with a JavaScript client, or another JSON library. Both the demjson and simplejson libraries are written with the assumption that they are to be used to interact with JavaScript. Answer #1: My motive is simply to implement

Re: [Web-SIG] Time a for JSON parser in the standard library?

[Alan] [hand written JSON containing a] hard-to-spot dangling comma, from all the copying and pasting. That broke his javascript library; he solved the problem by passing it through a PHP JSON codec on his local Apache. It worked, i.e. his problem disappeared, but he didn't know why (the

Re: [Web-SIG] Time a for JSON parser in the standard library?

[Massimo] It would also be nice to have a common interface to all modules that do serialization. For example pickle, cPickle, marshall has dumps, so json should also have dumps. Indeed, this is my primary concern also. The reason is that I have a pure-java JSON codec for jython, that I will

Re: [Web-SIG] Time a for JSON parser in the standard library?

[Graham] The problem areas were, different interpretations of what could be supplied in an error response. Whether an integer, string or arbitrary object could be supplied as the id attribute in a request. Finally, some JavaScript clients would only work with a server side implementation

[Web-SIG] Time a for JSON parser in the standard library?

Dear all, Given that 1. Python comes with batteries included 2. There is a standard library re-org happening because of Py3K 3. JSON is now a very commonly used format on the web Is it time there was a JSON codec included in the python standard library? (If XML is already supported, I see no

Re: [Web-SIG] WSGI, Python 3 and Unicode

[Alan] The restriction to iso-8859-1 is really a distraction; iso-8859-1 is used simply as an identity encoding that also enforces that all bytes in the string have a value from 0x00 to 0xff, so that they are suitable for byte-oriented IO. So, in output terms at least, WSGI *is* a

Re: [Web-SIG] WSGI, Python 3 and Unicode

[Phillip] WSGI already copes, actually. Note that Jython and IronPython have this issue today, and see: http://www.python.org/dev/peps/pep-0333/#unicode-issues [James] It would seem very odd, however, for WSGI/python3 to use strings- restricted-to-0xFF for network I/O while everywhere else

[Web-SIG] Modjy and jython 2.2.

Dear all, Now that jython 2.2 has been released (hooray!) http://www.jython.org/Project/download.html it's time for a quick update on the status of modjy, the jython WSGI/J2EE gateway. http://www.xhaus.com/modjy/ Previous versions of modjy were based on jython 2.1, which didn't have support

Re: [Web-SIG] Web Site Process Bus

[Graham Dumpleton] First comment is about WSGI applications somehow themselves using SIGTERM etc as triggers for things they want to do. For Apache at least, allowing any part of a hosted Python application to register its own signal handlers is a big no no. This is because Apache itself

Re: [Web-SIG] Relationship between SCRIPT_NAME and PATH_INFO.

[Graham Dumpleton] Should a WSGI adapter for a web server which allows a mount point to have a trailing slash specifically flag as a configuration error an attempt to use such a mount point given that it appears to be incompatible with WSGI? OK, I'll have a go. I think the question boils

Re: [Web-SIG] WSGI input filter that changes content length.

[Graham Dumpleton] How does one implement in WSGI an input filter that manipulates the request body in such a way that the effective content length would be changed? The problem I am trying to address here is how one might implement using WSGI a decompression filter for the body of a

Re: [Web-SIG] [Fwd: Summer of Code preparation]

[Peter Hunt] I think an interesting project would be complete integration of the client and server via AJAX. That is, whenever a DHTML event handler needs to be called on the client-side, the document state is serialized and it is sent along with the DHTML event information to the server,

Re: [Web-SIG] [Fwd: Summer of Code preparation]

[Titus Brown] I'm thinking of proposing a project to build a JavaScript interpreter interface for Python; the goal (for me) is to get twill/mechanize to understand JavaScript. I think the project has wider applications, but I'm not sure what people actually want to do with JavaScript. I

Re: [Web-SIG] Standalone WSGI form framework.

[Alan Kennedy] I'm looking for a framework-independent form library. I'm using the Quixote forms library at the moment, inside my own framework, but would ideally like something more WSGI oriented, so that it is easier to mock and unittest. [Daniel Miller] Have you looked at Ian Bicking's

Re: [Web-SIG] Standalone WSGI form framework.

[Alan Kennedy] I'm looking for a framework-independent form library. I'm using the Quixote forms library at the moment, inside my own framework, but would ideally like something more WSGI oriented, so that it is easier to mock and unittest. [Titus Brown] I'm confused by this -- this could

Re: [Web-SIG] Standalone WSGI form framework.

[Alan Kennedy] But I'm tired of hacking on it to make it do what I want: I'd much prefer to start afresh with my own design than to continue to use Quixote: it's just too limiting. [Titus Brown] I think you mistook my question for a criticism ;). Rewrite or no, I'm mostly interested in what

[Web-SIG] Standalone WSGI form framework.

Greetings All. I'm looking for a framework-independent form library. I'm using the Quixote forms library at the moment, inside my own framework, but would ideally like something more WSGI oriented, so that it is easier to mock and unittest. My ideal form framework should do the following 1.

Re: [Web-SIG] WSGI in standard library

[Alan Kennedy] Maybe we need a PEP [Bill Janssen] Great idea! That's exactly what I thought when I organized this SIG a couple of years ago. [Guido van Rossum] At first I was going to respond +1. But the fact that a couple of years haven't led to much suggests that it's unlikely

Re: [Web-SIG] WSGI in standard library

[Ian Bicking] Anyway, I'm +1 on the object [wsgiref's wsgi header manipulation class] going somewhere. I don't know if the parent package has to be named wsgi -- and wsgiref seems even stranger to me, as anything in the standard library isn't a reference implementation anymore, but an actual

Re: [Web-SIG] WSGI in standard library

). rfc822 is heavier than this dictionary-like object, and apparently is also deprecated. [Alan Kennedy] While we're on the subject, can we find a better home for the HTTP status codes-messages mapping? Folks, Thinking about this some more, it's beginning to sound to me like the server-side web

Re: [Web-SIG] WSGI in standard library

[Ian Bicking] Note that the scope of a WSGI server is very very limited. It is quite distinct from an XMLRPC server from that perspective -- an XMLRPC server actually *does* something. A WSGI server does nothing but delegate. and I'm not set on production quality code, but I think the

Re: [Web-SIG] WSGI in standard library

[Alan Kennedy] 3. If I had to pick one of the 3 you suggested, I'd pick the last one, i.e. PJE's, because it fulfills exactly the criteria I listed [Robert Brewer] I have to disagree (having examined/unraveled it quite a bit recently, to remove modpython_gateway's dependency on it). [Ian

Re: [Web-SIG] WSGI in standard library

[Guido van Rossum] Let's make it so. I propose to add wsgiref to the standard library and nothing more. [Blake Winton] Will you be maintaining this? ;) [Guido van Rossum] I'd expect we could twist Phillip's arm to maintain it; he's not expecting much maintenance. [Phillip J. Eby] Yes, and

Re: [Web-SIG] WSGI in standard library

[Alan Kennedy] Priority #1: Make the requisite server a single standalone module. [Guido van Rossum] Huh? What makes you think this? My bad :-( Two things made me think like that 1. BaseHttpServer - BaseHttpServer.py SimpleHttpServer - SimpleHttpServer.py WSGIHttpServer

Re: [Web-SIG] WSGI in standard library

[Alan Kennedy] Instead, I think the right approach is to continue with the existing approach: put the most basic possible WSGI server in the standard library, for educational purposes only, and a warning that it shouldn't really be used for production purposes. [Bill Janssen] I strongly

Re: [Web-SIG] WSGI in standard library

[Graham Dumpleton] Anyway, not that it matters, but the security fix was not the only thing in those releases. Still, I think my point stands that internet-facing servers in the standard lilbrary are currently the only source of security advisories in python. http://www.python.org/security/

Re: [Web-SIG] Bowing out (was Re: A trivial template API counter-proposal)

[Alan Kennedy] Looking at this in an MVC context ... [Phillip J. Eby] As soon as you start talking about what templates should or should not do (as opposed to what they *already* do), you've stopped writing an inclusive spec and have wandered off into evangelizing a particular

Re: [Web-SIG] Standardized template API

[Clark C. Evans] I'd stick with the notion of a template_name that is neither the template file nor the template body. Then you'd want a template factory method that takes the name and produces the template body (complied if necessary). I agree. If you're looking for an existing model (in

Re: [Web-SIG] Communicating authenticated user information

this information back to the browser. I think an API could be very simple, and optional for servers that know they won't be logging auth information. I agree about not sending this information back to the user: it's unnecessary and potentially dangerous. Regards, Alan Kennedy

Re: [Web-SIG] Communicating authenticated user information

[Alan Kennedy] I agree about not sending this information back to the user: it's unnecessary and potentially dangerous. [Phillip J. Eby] Yep, it would be really dangerous to let me know who I just logged in to an application as. I might find out who I really am! ;) Very droll ;-) What