> Thanks for pointing me to dict.get().... i am too stupid :-S you are quite harsh on yourself. missing something in the huge pile of documentation that is django + python is really quite easy.
> Regarding the tracking app: It's just my personal view... i don't like > shipping an app with the widelands code when much code of it is potentially > unused. I agree. Unused code should be deleted. But I think there are more useful things in the homepage than removing unused code - that said, if you want to do it I will gladly review it :) > request variables A bit of googling says you are probably right: https://www.djangoproject.com/weblog/2009/jul/28/security/#secondary-issue We cannot rely on any of these variables to be set or even correct. I suggest we return a known false IP that we can recognize in the database instead. For example 192.168.23.42 or something like this. And we should probably not use the IP for anything besides what we maybe require for SPAM services. -- https://code.launchpad.net/~widelands-dev/widelands-website/fix_REMOTE_ADDR/+merge/308337 Your team Widelands Developers is subscribed to branch lp:widelands-website. _______________________________________________ Mailing list: https://launchpad.net/~widelands-dev Post to : firstname.lastname@example.org Unsubscribe : https://launchpad.net/~widelands-dev More help : https://help.launchpad.net/ListHelp