[Web-SIG] WSGI for HTTP/2.0 ?
So HTTP/2.0 (http://http2.github.io/http2-spec/index.html) is far advanced, and my puny google-fu cannot find any upstream work on making a) updating and or replacing WSGI to support HTTP/2's new capabilities or b) an HTTP/2 capable SimplerServer or similar reference server in the standard library . Huge apologies if I'm wrong and pointers accepted! I did find things like https://evonove.it/blog/2012/django-jetty-spdy-blazing-fast/ which uses Jython and the Jetty web server to do SPDY (the Google experiment that has formed much of the basis of HTTP/2) or https://github.com/tatsuhiro-t/nghttp2/blob/master/python/wsgi.py which doesn't expose any of the new HTTP/2 features. So, I'd like to kick of such work, I think the spec is sufficiently stable now that we can design APIs in Python for it with confidence, even though we may need to tweak things it won't be disruptive. Specific things that I think we need to cater for: - the streaming and multiplexing facilities (http://http2.github.io/http2-spec/index.html#rfc.section.5 and http://http2.github.io/http2-spec/index.html#FrameTypes) - this is a fairly fundamental departure from HTTP/1.x's strict 'request-response' model and exposing it should offer very nice capabilities to site authors. HTTP1.x requests look like a half-closed stream on an HTTP/2 connection, but its entirely possible via the extension mechanism to run bidirectional data on a stream initiated by either end (whiile the client has a single open stream the server can push a new associated stream at any point) - flow control (http://http2.github.io/http2-spec/index.html#fc-principles) - for file uploads for instance, we can now rate limit single clients directly within the protocol - the resource tree (http://http2.github.io/http2-spec/index.html#pri-depend) - if we have concurrent requests being handled for one client it is now possible to explicitly model which ones should be processed and put on the wire first, and this should flow up into the application to a degree - GOAWAY (http://http2.github.io/http2-spec/index.html#ConnectionErrorHandler) - backwards compat - making sure that straight PEP- apps still work well when the server connection is HTTP/2 Is anyone interested in collaborating on an update to WSGI to support HTTP/2's new features? -Rob -- Robert Collins rbtcoll...@hp.com Distinguished Technologist HP Converged Cloud ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
[Web-SIG] WSGI server handling absolute URI
Hello, My name is Mouad and this is my first time writing to this mailing list. I hope this is the right mailing list to let interested party to know about a minor bug that i found in some WSGI server that are out there, that doesn't support absolute URI in an raw http request i.e. GET http://domain.com/path HTTP/1.1 I have created an issue for WGIREF http://bugs.python.org/issue21472, and i am waiting for feedback from cPython core developers, and most **importantly** this gist https://gist.github.com/mouadino/7930974 that show who support this feature and who doesn't. HTH, -- Mouad Benchchaoui ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
[Web-SIG] Connection close when response is ready
Hi, I would like to also share another gist (beside the one from the thread wsgi server handling absolute URI), as food to our thoughts to any one that find this interesting, this time it's about the connection: close http header that should instruct server to close the connection from their side as soon as an HTTP response is sent, but i found that only two HTTP (WSGI) server out there do support this, more info can be found here https://gist.github.com/mouadino/5458786 . FWIW i have already submitted a patch to eventlet where i did find this problem first, but apparently the eventlet guys doesn't want to support this for a reason that old client may not support this correctly, the same excuse is used by NGINX and Apache as it was explained to me by **temoto** from eventlet (check link https://github.com/eventlet/eventlet/issues/27). The reason why this is good to have is explained in the eventlet issue linked above. As a last remark i found it funny that in both my gist, this one and the other from absolute URI (Sadly i can't link emails, hmmm !), i found that cherrypy do the right thing in both cases, so kudos to the cherrypy guys :) HTH, -- Mouad Benchchaoui ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
Re: [Web-SIG] Nodejs cluster
If you crosslink the Flask app object and the WebSocket factory with each other you can shuffle data in both directions. That's super cool. Thanks! What I propose is officially Python endorsed cluster standard. Am I over thinking this? Or the status quo is good enough for everyone else? Here is a proof-of-concept we did last year scaling Twisted Web on multicore: https://github.com/oberstet/scratchbox/tree/master/python/twisted/sharedsocket It reaches 60k requests/sec on 4 cores (something like 70% the performance of Nginx on the same system): https://github.com/oberstet/scratchbox/raw/master/python/twisted/sharedsocket/results.pdf We are working on a system (on top of Autobahn) which provides builtin scale-up (multi-core) and scale-out (multi-node) capabilities: https://github.com/crossbario/crossbar This is work in progress and relies on WAMPv2. Here are a couple of links https://github.com/tavendo/WAMP/tree/master/spec https://github.com/tavendo/AutobahnPython/tree/master/examples/twisted/wamp/basic https://github.com/tavendo/AutobahnPython/tree/master/examples/twisted/websocket/echo_multicore As said, Crossbar.io is work in progress but we'll announce something soon as it's already quite usable (eg it can host any WSGI app side-by-side with WebSocket/WAMP application components) .. Cheers, /Tobias ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
[Web-SIG] Flurry of old posts appearing
Today (Sept 15, 2014) I just received several posts on web-sig that were apparently first posted in May. An example is a post by mouad ben with subject Connection close when response is ready. Did some kind of moderator queue just get unplugged? Or should I assume these were held up by GMail? -- --Guido van Rossum (python.org/~guido) ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
[Web-SIG] no_authkit_users_in_environ
Hello,
I'm trying to make cookie auth working with authkit but cannot
find a healthy solution. So far here's the code which i'm trying
to use for getting a users object into the environ:
#!/usr/bin/env python
from notmm.controllers.wsgi import WSGIController
from notmm.controllers.auth import LoginController
from notmm.utils.http import httpserver
from notmm.utils.configparse import loadconf
sample_app = WSGIController()
settings = sample_app.settings
global_conf = loadconf('auth.conf')
auth_conf = global_conf['authkit']
auth_app = LoginController(sample_app, auth_conf, settings=settings)
if __name__ == '__main__':
httpserver.daemonize(auth_app, ('localhost', 8000))
And here's the login view to handle authentication:
def authenticate_user(request, username, password, tokens='',
user_data=time.ctime,
authfunc='paste.auth_tkt.set_user'):
Authenticate the user into the site and update the last_modified
timestamp if authentication and authorization granted user access.
try:
user_setter_func = request.environ[authfunc]
if valid_password(request.environ, username, password):
user_setter_func(username, tokens=tokens, user_data=user_data())
#trigger function here to update the last_modified timestamp
log.debug('User %s has been authenticated and authorized access!!'
% username)
raise NotAuthenticatedError
except (KeyError, Exception):
raise NotAuthenticatedError
return None
controller:
class AuthCookieController(SessionController):
Authentication controller to delegate authorization to generic
user-defined backends.
request_class = HTTPRequest
response_class = HTTPResponse
def __init__(self, wsgi_app, auth_conf=None, **kwargs):
super(AuthCookieController, self).__init__(**kwargs)
#put a pointer on the previous wsgi app in the stack
self.wsgi_app = wsgi_app
self.auth_conf_wrapper = auth_middleware(wsgi_app,
app_conf=auth_conf,
cookie_secret='secret string',
#handle_httpexception=False,
valid=self.authenticate,
#enforce=self.auth_conf['enforce']
)
def application(self, environ, start_response, exc_info=None):
# apply the response middleware wrapper to
# the WSGI stack and return a callable obj
return self.auth_conf_wrapper(environ, start_response)
def authenticate(self, username, password):
Authenticate with the provided ``username`` and ``password``.
Developers are expected to override this method in custom
authentication subclasses.
if username == password:
return username
else:
return None
LoginController = AuthCookieController
the traceback:
/home/steiner/src/notmm/trunk/examples/auth/views/login.py(33)authenticate_user()
- if valid_password(request.environ, username, password):
(Pdb) bt
/home/steiner/src/notmm/trunk/examples/auth/redirect.py(15)module()
- httpserver.daemonize(auth_app, ('localhost', 8000))
/home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(157)daemonize()
- server.serve()
/home/steiner/src/notmm/trunk/lib/notmm/utils/http/httpserver.py(115)serve()
- self.server.serve_forever()
/usr/local/lib/python2.7/SocketServer.py(238)serve_forever()
- self._handle_request_noblock()
/usr/local/lib/python2.7/SocketServer.py(295)_handle_request_noblock()
- self.process_request(request, client_address)
/usr/local/lib/python2.7/SocketServer.py(321)process_request()
- self.finish_request(request, client_address)
/usr/local/lib/python2.7/SocketServer.py(334)finish_request()
- self.RequestHandlerClass(request, client_address, self)
/usr/local/lib/python2.7/SocketServer.py(649)__init__()
- self.handle()
/usr/local/lib/python2.7/wsgiref/simple_server.py(124)handle()
- handler.run(self.server.get_app())
/usr/local/lib/python2.7/wsgiref/handlers.py(85)run()
- self.result = application(self.environ, self.start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(314)__call__()
- return self.app(environ, start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/cookie.py(480)__call__()
- return self.app(environ, cookie_setting_start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(87)__call__()
- app_iter = app(environ, start_response)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/multi.py(55)app()
- return self.default(environ, find)
/home/steiner/src/notmm/trunk/extras/libauthkit/authkit/authenticate/base.py(304)__call__()
- return self.app(environ, start_response)
/home/steiner/src/notmm/trunk/examples/auth/views/login.py(96)login()
- authenticate_user(request, username, password)
Re: [Web-SIG] Flurry of old posts appearing
Wow. May I suggest asking for some new moderators? I understand the need to moderate posts (to prevent spam) but this isn't exactly encouraging to new contributors to the community... On Mon, Sep 15, 2014 at 10:47 AM, Bill Janssen jans...@parc.com wrote: Guido van Rossum gu...@python.org wrote: Did some kind of moderator queue just get unplugged? Yep. First-time posts by new members. Bill -- --Guido van Rossum (python.org/~guido) ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
[Web-SIG] more moderators for Web-SIG list?
Anyone want to help moderate the Web-SIG list? Very low activity level. I'd just like to get some more people who can manipulate the levers. Bill ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
Re: [Web-SIG] more moderators for Web-SIG list?
Hi Bill, Bill Janssen wrote on 2014-09-15 20:56: Anyone want to help moderate the Web-SIG list? Very low activity level. I'd just like to get some more people who can manipulate the levers. Sure, why not... Bill Sven ___ Web-SIG mailing list Web-SIG@python.org Web SIG: http://www.python.org/sigs/web-sig Unsubscribe: https://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com
