DOCSLIB.ORG

Flask Documentation Release 0.13.Dev Jul 31, 2017

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Flask Documentation Release 0.13.Dev Jul 31, 2017 Flask Documentation Release 0.13.dev Jul 31, 2017 Contents I User’s Guide1 1 Foreword3 2 Foreword for Experienced Programmers5 3 Installation7 4 Quickstart 11 5 Tutorial 29 6 Templates 45 7 Testing Flask Applications 51 8 Application Errors 59 9 Debugging Application Errors 67 10 Configuration Handling 69 11 Signals 81 12 Pluggable Views 85 13 The Application Context 91 14 The Request Context 95 15 Modular Applications with Blueprints 101 16 Flask Extensions 107 i 17 Command Line Interface 109 18 Development Server 117 19 Working with the Shell 119 20 Patterns for Flask 123 21 Deployment Options 181 22 Becoming Big 195 II API Reference 199 23 API 201 III Additional Notes 277 24 Design Decisions in Flask 279 25 HTML/XHTML FAQ 283 26 Security Considerations 289 27 Unicode in Flask 295 28 Flask Extension Development 299 29 Pocoo Styleguide 307 30 Python 3 Support 313 31 Upgrading to Newer Releases 315 32 Flask Changelog 325 33 License 343 34 How to contribute to Flask 347 ii Part I USER’S GUIDE This part of the documentation, which is mostly prose, begins with some background information about Flask, then focuses on step-by-step instructions for web develop- ment with Flask. 1 2 CHAPTER 1 Foreword Read this before you get started with Flask. This hopefully answers some questions about the purpose and goals of the project, and when you should or should not be using it. What does “micro” mean? “Micro” does not mean that your whole web application has to fit into a single Python file (although it certainly can), nor does it mean that Flask is lacking in functionality. The “micro” in microframework means Flask aims to keep the core simple but exten- sible. Flask won’t make many decisions for you, such as what database to use. Those decisions that it does make, such as what templating engine to use, are easy to change. Everything else is up to you, so that Flask can be everything you need and nothing you don’t. By default, Flask does not include a database abstraction layer, form validation or any- thing else where different libraries already exist that can handle that. Instead, Flask supports extensions to add such functionality to your application as if it was imple- mented in Flask itself. Numerous extensions provide database integration, form val- idation, upload handling, various open authentication technologies, and more. Flask may be “micro”, but it’s ready for production use on a variety of needs. Configuration and Conventions Flask has many configuration values, with sensible defaults, and a few conventions when getting started. By convention, templates and static files are stored in subdi- 3 rectories within the application’s Python source tree, with the names templates and static respectively. While this can be changed, you usually don’t have to, especially when getting started. Growing with Flask Once you have Flask up and running, you’ll find a variety of extensions available in the community to integrate your project for production. The Flask core team reviews extensions and ensures approved extensions do not break with future releases. As your codebase grows, you are free to make the design decisions appropriate for your project. Flask will continue to provide a very simple glue layer to the best that Python has to offer. You can implement advanced patterns in SQLAlchemy or an- other database tool, introduce non-relational data persistence as appropriate, and take advantage of framework-agnostic tools built for WSGI, the Python web interface. Flask includes many hooks to customize its behavior. Should you need more cus- tomization, the Flask class is built for subclassing. If you are interested in that, check out the Becoming Big chapter. If you are curious about the Flask design principles, head over to the section about Design Decisions in Flask. Continue to Installation, the Quickstart, or the Foreword for Experienced Programmers. 4 CHAPTER 2 Foreword for Experienced Programmers Thread-Locals in Flask One of the design decisions in Flask was that simple tasks should be simple; they should not take a lot of code and yet they should not limit you. Because of that, Flask has a few design choices that some people might find surprising or unorthodox. For example, Flask uses thread-local objects internally so that you don’t have to pass ob- jects around from function to function within a request in order to stay threadsafe. This approach is convenient, but requires a valid request context for dependency in- jection or when attempting to reuse code which uses a value pegged to the request. The Flask project is honest about thread-locals, does not hide them, and calls out in the code and documentation where they are used. Develop for the Web with Caution Always keep security in mind when building web applications. If you write a web application, you are probably allowing users to register and leave their data on your server. The users are entrusting you with data. And even if you are the only user that might leave data in your application, you still want that data to be stored securely. Unfortunately, there are many ways the security of a web application can be com- promised. Flask protects you against one of the most common security problems of modern web applications: cross-site scripting (XSS). Unless you deliberately mark in- secure HTML as secure, Flask and the underlying Jinja2 template engine have you covered. But there are many more ways to cause security problems. 5 The documentation will warn you about aspects of web development that require at- tention to security. Some of these security concerns are far more complex than one might think, and we all sometimes underestimate the likelihood that a vulnerability will be exploited - until a clever attacker figures out a way to exploit our applications. And don’t think that your application is not important enough to attract an attacker. Depending on the kind of attack, chances are that automated bots are probing for ways to fill your database with spam, links to malicious software, and the like. Flask is no different from any other framework in that you the developer must build with caution, watching for exploits when building to your requirements. Python 3 Support in Flask Flask, its dependencies, and most Flask extensions all support Python 3. If you want to use Flask with Python 3 have a look at the Python 3 Support page. Continue to Installation or the Quickstart. 6 CHAPTER 3 Installation Python Version We recommend using the latest version of Python 3. Flask supports Python 3.3 and newer, Python 2.6 and newer, and PyPy. Dependencies These distributions will be installed automatically when installing Flask. • Werkzeug implements WSGI, the standard Python interface between applica- tions and servers. • Jinja is a template language that renders the pages your application serves. • MarkupSafe comes with Jinja. It escapes untrusted input when rendering tem- plates to avoid injection attacks. • ItsDangerous securely signs data to ensure its integrity. This is used to protect Flask’s session cookie. • Click is a framework for writing command line applications. It provides the flask command and allows adding custom management commands. 7 Optional dependencies These distributions will not be installed automatically. Flask will detect and use them if you install them. • Blinker provides support for Signals. • SimpleJSON is a fast JSON implementation that is compatible with Python’s json module. It is preferred for JSON operations if it is installed. • python-dotenv enables support for Loading Environment Variables From .env Files when running flask commands. Virtual environments Use a virtual environment to manage the dependencies for your project, both in de- velopment and in production. What problem does a virtual environment solve? The more Python projects you have, the more likely it is that you need to work with different versions of Python libraries, or even Python itself. Newer versions of libraries for one project can break compatibility in another project. Virtual environments are independent groups of Python libraries, one for each project. Packages installed for one project will not affect other projects or the operating sys- tem’s packages. Python 3 comes bundled with the venv module to create virtual environments. If you’re using a modern version of Python, you can continue on to the next section. If you’re using Python 2, see Install virtualenv first. Create an environment Create a project folder and a venv folder within: mkdir myproject cd myproject python3 -m venv venv On Windows: py -3 -m venv venv If you needed to install virtualenv because you are on an older version of Python, use the following command instead: virtualenv venv On Windows: 8 \Python27\Scripts\virtualenv.exe venv Activate the environment Before you work on your project, activate the corresponding environment: . venv/bin/activate On Windows: venv\Scripts\activate Your shell prompt will change to show the name of the activated environment. Install Flask Within the activated environment, use the following command to install Flask: pip install Flask Living on the edge If you want to work with the latest Flask code before it’s released, install or update the code from the master branch: pip install -U https://github.com/pallets/flask/archive/master.tar.gz Install virtualenv If you are using Python 2, the venv module is not available. Instead, install virtualenv. On Linux, virtualenv is provided by your package manager: # Debian, Ubuntu sudo apt-get install python-virtualenv # CentOS, Fedora sudo yum install python-virtualenv # Arch sudo pacman -S python-virtualenv If you are on Mac OS X or Windows, download get-pip.py, then: 9 sudo python2 Downloads/get-pip.py sudo python2 -m pip install virtualenv On Windows, as an administrator: \Python27\python.exe Downloads\get-pip.py \Python27\python.exe -m pip install virtualenv Now you can continue to Create an environment.
Load more

Recommended publications
  • Download Issue
    Issue October 2019 | presented by www.jaxenter.com #70 The digital magazine for enterprise developers JavaThe JDK’s hidden 13 treasures i Jakarta EE 8 Let the games begin JDK 13 Why text blocks are worth the wait OpenJFX 13 JavaFX gets its own identity © Teguh Mujiono/Shutterstock.com, Pushkin/Shutterstock.com Illustrationen: Sun Microsystems Inc., S&S Media Editorial Let’s celebrate Java – three times! It’s that time again: A new Java version is here! Java 13 Last but not least: Jakarta EE, the follow-up project of was launched as planned, six months after the release Java EE, has announced its first release under the umbrella of of Java 12, and again it has some interesting features on the Eclipse Foundation. We got hold of the executive director board. In this issue of Jax Magazine, we’ve covered them of the Eclipse Foundation, Mike Milinkovich, and asked him for you in detail. about the current status of Jakarta EE. The good news doesn’t end there, as JavaFX 13 has also been released. The UI toolkit is no longer included in the JDK Happy reading, but has adjusted its new version releases to the new Java re- lease cadence. Find out what’s new here! Hartmut Schlosser Java 13 – a deep dive into the JDK’s 3 Kubernetes as a multi-cloud 17 new features operating system Falk Sippach Patrick Arnold Index Java 13 – why text blocks are worth the wait 6 Multi-tier deployment with Ansible 21 Tim Zöller Daniel Stender Jakarta EE 8 is sprinting towards an 9 Do we need a service mesh? 28 exciting future for enterprise Java Anton Weiss Thilo Frotscher
    [Show full text]
  • Lightweight Django USING REST, WEBSOCKETS & BACKBONE
    Lightweight Django USING REST, WEBSOCKETS & BACKBONE Julia Elman & Mark Lavin Lightweight Django LightweightDjango How can you take advantage of the Django framework to integrate complex “A great resource for client-side interactions and real-time features into your web applications? going beyond traditional Through a series of rapid application development projects, this hands-on book shows experienced Django developers how to include REST APIs, apps and learning how WebSockets, and client-side MVC frameworks such as Backbone.js into Django can power the new or existing projects. backend of single-page Learn how to make the most of Django’s decoupled design by choosing web applications.” the components you need to build the lightweight applications you want. —Aymeric Augustin Once you finish this book, you’ll know how to build single-page applications Django core developer, CTO, oscaro.com that respond to interactions in real time. If you’re familiar with Python and JavaScript, you’re good to go. “Such a good idea—I think this will lower the barrier ■ Learn a lightweight approach for starting a new Django project of entry for developers ■ Break reusable applications into smaller services that even more… the more communicate with one another I read, the more excited ■ Create a static, rapid prototyping site as a scaffold for websites and applications I am!” —Barbara Shaurette ■ Build a REST API with django-rest-framework Python Developer, Cox Media Group ■ Learn how to use Django with the Backbone.js MVC framework ■ Create a single-page web application on top of your REST API Lightweight ■ Integrate real-time features with WebSockets and the Tornado networking library ■ Use the book’s code-driven examples in your own projects Julia Elman, a frontend developer and tech education advocate, started learning Django in 2008 while working at World Online.
    [Show full text]
  • Interfacing Apache HTTP Server 2.4 with External Applications
    Interfacing Apache HTTP Server 2.4 with External Applications Jeff Trawick Interfacing Apache HTTP Server 2.4 with External Applications Jeff Trawick November 6, 2012 Who am I? Interfacing Apache HTTP Server 2.4 with External Applications Met Unix (in the form of Xenix) in 1985 Jeff Trawick Joined IBM in 1990 to work on network software for mainframes Moved to a different organization in 2000 to work on Apache httpd Later spent about 4 years at Sun/Oracle Got tired of being tired of being an employee of too-huge corporation so formed my own too-small company Currently working part-time, coding on other projects, and taking classes Overview Interfacing Apache HTTP Server 2.4 with External Applications Jeff Trawick Huge problem space, so simplify Perspective: \General purpose" web servers, not minimal application containers which implement HTTP \Applications:" Code that runs dynamically on the server during request processing to process input and generate output Possible web server interactions Interfacing Apache HTTP Server 2.4 with External Applications Jeff Trawick Native code plugin modules (uhh, assuming server is native code) Non-native code + language interpreter inside server (Lua, Perl, etc.) Arbitrary processes on the other side of a standard wire protocol like HTTP (proxy), CGI, FastCGI, etc. (Java and \all of the above") or private protocol Some hybrid such as mod fcgid mod fcgid as example hybrid Interfacing Apache HTTP Server 2.4 with External Applications Jeff Trawick Supports applications which implement a standard wire protocol, no restriction on implementation mechanism Has extensive support for managing the application[+interpreter] processes so that the management of the application processes is well-integrated with the web server Contrast with mod proxy fcgi (pure FastCGI, no process management) or mod php (no processes/threads other than those of web server).
    [Show full text]
  • Magnetic Silica Particles Functionalized with Guanidine Derivatives For
    www.nature.com/scientificreports OPEN Magnetic silica particles functionalized with guanidine derivatives for microwave‑assisted transesterifcation of waste oil Petre Chipurici1,6, Alexandru Vlaicu1,2,6, Ioan Călinescu1, Mircea Vînătoru1, Cristina Busuioc1, Adrian Dinescu3, Adi Ghebaur1,4, Edina Rusen1, Georgeta Voicu1, Maria Ignat5 & Aurel Diacon1* This study aimed to develop a facile synthesis procedure for heterogeneous catalysts based on organic guanidine derivatives superbases chemically grafted on silica‑coated Fe3O4 magnetic nanoparticles. Thus, the three organosilanes that were obtained by reacting the selected carbodiimides (N,N′‑ dicyclohexylcarbodiimide (DCC), N,N′‑diisopropylcarbodiimide (DIC), respectively 1‑ethyl‑3‑(3‑ dimethylaminopropyl) carbodiimide (EDC) with 3‑aminopropyltriethoxysilane (APTES) were used in a one‑pot synthesis stage for the generation of a catalytic active protective shell through the simultaneous hydrolysis/condensation reaction with tetraethyl orthosilicate (TEOS). The catalysts were characterized by FTIR, TGA, SEM, BET and XRD analysis confrming the successful covalent attachment of the organic derivatives in the silica shell. The second aim was to highlight the capacity of microwaves (MW) to intensify the transesterifcation process and to evaluate the activity, stability, and reusability characteristics of the catalysts. Thus, in MW‑assisted transesterifcation reactions, all catalysts displayed FAME yields of over 80% even after 5 reactions/activation cycles. Additionally, the infuence of FFA content on the catalytic activity was investigated. As a result, in the case of Fe3O4@ SiO2‑EDG, a higher tolerance towards the FFA content can be noticed with a FAME yield of over 90% (for a 5% (weight) vs oil catalyst content) and 5% weight FFA content. Biodiesel can represent a suitable renewable alternative for the direct replacement of standard diesel fuels derived from petroleum sources1,2.
    [Show full text]
  • Flask Documentation Release 0.7Dev July 14, 2014
    Flask Documentation Release 0.7dev July 14, 2014 Contents I User’s Guide1 1 Foreword3 1.1 What does “micro” mean?...........................3 1.2 A Framework and an Example........................4 1.3 Web Development is Dangerous.......................4 1.4 The Status of Python 3.............................4 2 Installation7 2.1 virtualenv....................................7 2.2 System Wide Installation...........................8 2.3 Living on the Edge...............................9 2.4 easy_install on Windows............................9 3 Quickstart 11 3.1 A Minimal Application............................ 11 3.2 Debug Mode.................................. 12 3.3 Routing..................................... 13 3.4 Static Files.................................... 17 3.5 Rendering Templates.............................. 17 3.6 Accessing Request Data............................ 19 3.7 Redirects and Errors.............................. 22 3.8 Sessions..................................... 22 3.9 Message Flashing................................ 23 3.10 Logging..................................... 24 3.11 Hooking in WSGI Middlewares....................... 24 4 Tutorial 25 4.1 Introducing Flaskr............................... 25 4.2 Step 0: Creating The Folders......................... 26 4.3 Step 1: Database Schema........................... 27 4.4 Step 2: Application Setup Code........................ 27 i 4.5 Step 3: Creating The Database........................ 29 4.6 Step 4: Request Database Connections.................... 30 4.7 Step
    [Show full text]
  • Wepgw003 High-Level Applications for the Sirius Accelerator Control System
    10th Int. Particle Accelerator Conf. IPAC2019, Melbourne, Australia JACoW Publishing ISBN: 978-3-95450-208-0 doi:10.18429/JACoW-IPAC2019-WEPGW003 HIGH-LEVEL APPLICATIONS FOR THE SIRIUS ACCELERATOR CONTROL SYSTEM X. R. Resende ∗, F. H. de Sá, G. do Prado, L. Liu, A. C. Oliveira, Brazilian Synchrotron Light Laboratory (LNLS), Campinas, Brazil Abstract the sequence we detail the architecture of the HLA and its Sirius is the new 3 GeV low-emittance Brazilian Syn- current development status. Finally we describe how the chrotron Light source under installation and commissioning integration of the CS has been evolving during machine at LNLS. The machine control system is based on EPICS commissioning and end the paper with conclusion remarks and when the installation is complete it should have a few on what the next steps are in HLA development and testing. hundred thousand process variables in use. For flexible inte- gration and intuitive control of such sizable system a con- CONTROL SYSTEM OVERVIEW siderable number of high-level applications, input/output The Sirius accelerator control system (SCS) is based on controllers and graphical user interfaces have been devel- EPICS [3], version R3.15. All SCS software components oped, mostly in Python, using a variety of libraries, such are open-source solutions developed collaboratively using as PyEpics, PCASPy and PyDM. Common support service git version control and are publicly available in the Sirius applications (Archiver Appliance, Olog, Apache server, a organization page [4] at Github. mongoDB-based configuration server, etc) are used. Matlab The naming system used in Sirius for devices and CS prop- Middle Layer is also an available option to control EPICS erties is based on ESS naming system [5].
    [Show full text]
  • GNU/Linux Magazine Hors-Série N°66 Apache Introduction
    LES GUIDES DE sur les origines d Ce documntslapriéxvj-g(@h.)26013à:5 Tout ce qu LE GUIDE COMPLET POUR METTRE EN PLACE ET BIEN CONFIGURER VOTRE SERVEUR WEB APACH France METRO : 12.90 et sur ses principales Introduction fonctionnalités il faut savoir Apache CH : 18,00 CHF Installation et con Installer son premier BEL/PORT.CONT : 13,90 serveur et choisir le mécanisme d plus adapté authenti HORS-SÉRIE guration ���� cation le DOM TOM : 13,90 Programmer pour le Web PHP, Python, Perl et Ruby : quelques bases pour bien programmer avec les langages du Web CAN : 18,00 $ cad Aller plus loin MAR : 130 MAD Des éléments de con pour des besoins plus spéci (LDAP, chi guration avancée ques L 15066 ff Édité par Les Éditions Diamond Éditions Les par Édité rement, ...) www.ed-diamond.com -66H F: Tutoriels Des pas-à-pas 12,90 pour passer E rapidement à la pratique € -RD Ce documntslapriéxvj-g(@h.)26013à:5 2 GNU/LiNUx maGaziNeHors-série N°66 : apacHe Impression : Service abonnement: Responsable publicité: Conception graphique: Remerciements Secrétaire derédaction Rédacteur enchef: Directeur depublication: Sites : Service commercial: E-mail : Tél. : est éditépar GNU/Linux MagazineHors-Série Éditions Diamond. rédigés parlesmembresdel'équiperédactionnelledes Les articlesnonsignéscontenusdanscenuméroontété respectif. droit ayant leur de propriété sont la dans le magazine les représentés logos Tous respectif. citées dans ce numéro sont déposées par les sans aucun marques Toutes d’information, but publicitaire. leur propriétaire figurant dans d’adresses les et prix pages de sont rédactionnelles indications données Les à renvoyés. titre ni rendus, ni sont GNU/Linux Magazine France Hors-série, publiés ou non, ne particulier, les manuscrits, photos accord écrit et de la société Les éditions Diamond.
    [Show full text]
  • Scalability in Web Apis
    Worcester Polytechnic Institute Scalability in Web APIs Ryan Baker Mike Perrone Advised by: George T. Heineman 1 Worcester Polytechnic Institute 1 Introduction 2 Background 2.1 Problem Statement 2.2 Game Services and Tools 2.2.1 Graphics Engine 2.2.2 Map Editor 2.2.3 Friend Network 2.2.4 Achievements 2.2.5 Leaderboards 2.3 Our Service Definition 2.3.1 Leaderboards 2.4 Service Requirements 2.4.1 Administrative Ease 2.4.2 Security 2.4.3 Scalability 2.5 Internal Service Decisions 2.5.1 Application Framework 2.5.2 Cloud Computing 3 Methodology 3.1 Decisions of Design and Architecture 3.1.1 Leaderboards 3.1.2 API Documentation 3.1.3 Developer Console 3.1.4 Admin Console 3.1.5 Java Client Package 3.1.6 Logging 3.2 Decisions of Implementation 3.2.1 Enterprise vs Public 3.2.2 Front End Implementation 3.2.3 Cloud Computing Provider (AWS) 3.2.4 Web Application Framework Implementation (Flask) 3.2.5 Continuous Integration Service 3.2.6 API 3.2.7 Logging 3.2.8 Database Schema 4 Success Metrics 4.1 Resiliency 4.1.1 Simulated Traffic 4.1.2 Load Testing and Scalability 4.2 Design 4.2.1 Client Perspective 2 4.2.3 Admin Perspective 5 Conclusions & Future Work 5.1 Client Conclusions 5.2 Administrator Conclusions 5.3 The Future 6 References 7 Appendix A ­ Why we chose Leaderboards B ­ Facebook’s Game Development API C ­ Playtomic’s API D ­ Front End Tooling Decision E ­ API Documentation Tool F ­ Elastic Beanstalk 3 1 Introduction Game developers, especially those that make social games, undertake a large amount of work to create them.
    [Show full text]
  • Evaluation and Optimization of ICOS Atmosphere Station Data As Part of the Labeling Process
    Atmos. Meas. Tech., 14, 89–116, 2021 https://doi.org/10.5194/amt-14-89-2021 © Author(s) 2021. This work is distributed under the Creative Commons Attribution 4.0 License. Evaluation and optimization of ICOS atmosphere station data as part of the labeling process Camille Yver-Kwok1, Carole Philippon1, Peter Bergamaschi2, Tobias Biermann3, Francescopiero Calzolari4, Huilin Chen5, Sebastien Conil6, Paolo Cristofanelli4, Marc Delmotte1, Juha Hatakka7, Michal Heliasz3, Ove Hermansen8, Katerinaˇ Komínková9, Dagmar Kubistin10, Nicolas Kumps11, Olivier Laurent1, Tuomas Laurila7, Irene Lehner3, Janne Levula12, Matthias Lindauer10, Morgan Lopez1, Ivan Mammarella12, Giovanni Manca2, Per Marklund13, Jean-Marc Metzger14, Meelis Mölder15, Stephen M. Platt9, Michel Ramonet1, Leonard Rivier1, Bert Scheeren5, Mahesh Kumar Sha11, Paul Smith13, Martin Steinbacher16, Gabriela Vítková9, and Simon Wyss16 1Laboratoire des Sciences du Climat et de l’Environnement (LSCE-IPSL), CEA-CNRS-UVSQ, Université Paris-Saclay, 91191 Gif-sur-Yvette, France 2European Commission Joint Research Centre (JRC), Via E. Fermi 2749, 21027 Ispra, Italy 3Centre for Environmental and Climate Research, Lund University, Sölvegatan 37, 223 62, Lund, Sweden 4National Research Council of Italy, Institute of Atmospheric Sciences and Climate, Via Gobett 101, 40129 Bologna, Italy 5Centre for Isotope Research (CIO), Energy and Sustainability Research Institute Groningen (ESRIG), University of Groningen, Groningen, the Netherlands 6DRD/OPE, Andra, 55290 Bure, France 7Finnish Meteorological Institute,
    [Show full text]
  • Scripts.Mit.Edu
    Services Backend Further Info scripts.mit.edu Quentin Smith [email protected] Student Information Processing Board October 29, 2019 Quentin Smith [email protected] scripts.mit.edu 2 Backend AFS suEXEC Kerberos LDAP Apache modules LVS Ansible 3 Further Info Services Backend Further Info Outline 1 Services Web Mail Cron (\Shortjobs") SQL Version control Quentin Smith [email protected] scripts.mit.edu 3 Further Info Services Backend Further Info Outline 1 Services Web Mail Cron (\Shortjobs") SQL Version control 2 Backend AFS suEXEC Kerberos LDAP Apache modules LVS Ansible Quentin Smith [email protected] scripts.mit.edu Services Backend Further Info Outline 1 Services Web Mail Cron (\Shortjobs") SQL Version control 2 Backend AFS suEXEC Kerberos LDAP Apache modules LVS Ansible 3 Further Info Quentin Smith [email protected] scripts.mit.edu Web Services Mail Backend Cron (\Shortjobs") Further Info SQL Version control Outline 1 Services Web Mail Cron (\Shortjobs") SQL Version control 2 Backend AFS suEXEC Kerberos LDAP Apache modules LVS Ansible 3 Further Info Quentin Smith [email protected] scripts.mit.edu suEXEC|allows Apache to spawn a process as the user. even for static content! Web Services Mail Backend Cron (\Shortjobs") Further Info SQL Version control Apache Everyone wants Apache Apache's default configuration isn't safe for scripting Scripting requires code execution|mod php, mod perl, mod python, mod wsgi Apache normally runs everything as apache/nobody How to secure? Quentin Smith [email protected] scripts.mit.edu Web Services Mail Backend Cron (\Shortjobs") Further Info SQL Version control Apache Everyone wants Apache Apache's default configuration isn't safe for scripting Scripting requires code execution|mod php, mod perl, mod python, mod wsgi Apache normally runs everything as apache/nobody How to secure? suEXEC|allows Apache to spawn a process as the user.
    [Show full text]
  • Using Fastcgi with Apache HTTP Server 2.4
    Using FastCGI with Apache HTTP Server 2.4 Jeff Trawick The world of FastCGI Using FastCGI with Apache HTTP Server 2.4 FastCGI with Apache httpd 2.4 Jeff Trawick Choosing mod fcgid http://emptyhammock.com/ mod proxy fcgi [email protected] mod authnz fcgi Other tools April 8, 2014 PHP Applications and FastCGI Future 1/97 Revisions Using FastCGI with Apache HTTP Server 2.4 Jeff Trawick The world of FastCGI 2014-04-10 FastCGI with Apache httpd Add Require expr ... to /www/tools/ 2.4 configuration in More classic CGI configuration Choosing slide to resolve a potential security hole. Thank mod fcgid mod proxy fcgi you Eric Covener! mod authnz fcgi Other tools PHP Applications and FastCGI Future 2/97 Get these slides... Using FastCGI with Apache HTTP Server 2.4 Jeff Trawick The world of FastCGI FastCGI with Apache httpd 2.4 http://emptyhammock.com/projects/info/slides.html Choosing mod fcgid mod proxy fcgi mod authnz fcgi Other tools PHP Applications and FastCGI Future 3/97 Table of Contents Using FastCGI with Apache HTTP Server 1 The world of FastCGI 2.4 Jeff Trawick 2 FastCGI with Apache httpd 2.4 The world of FastCGI 3 Choosing FastCGI with Apache httpd 4 mod fcgid 2.4 Choosing 5 mod proxy fcgi mod fcgid mod proxy fcgi 6 mod authnz fcgi mod authnz fcgi Other tools 7 Other tools PHP Applications 8 PHP Applications and FastCGI and FastCGI Future 9 Future 4/97 Introduction | Who am I? Using FastCGI with Apache HTTP Server 2.4 I've worked at Jeff Trawick several large corporations, for over two decades The world of FastCGI my own one-person company, Emptyhammock, for the FastCGI with last two years Apache httpd 2.4 I've worked on Choosing several products which were primarily based on or mod fcgid otherwise included Apache HTTP Server mod proxy fcgi lower-level networking products mod authnz fcgi web applications Other tools PHP I've developed or maintained some of the FastCGI Applications and FastCGI support in the Apache HTTP Server project.
    [Show full text]
  • Monitoring Wilderness Stream Ecosystems
    United States Department of Monitoring Agriculture Forest Service Wilderness Stream Rocky Mountain Ecosystems Research Station General Technical Jeffrey C. Davis Report RMRS-GTR-70 G. Wayne Minshall Christopher T. Robinson January 2001 Peter Landres Abstract Davis, Jeffrey C.; Minshall, G. Wayne; Robinson, Christopher T.; Landres, Peter. 2001. Monitoring wilderness stream ecosystems. Gen. Tech. Rep. RMRS-GTR-70. Ogden, UT: U.S. Department of Agriculture, Forest Service, Rocky Mountain Research Station. 137 p. A protocol and methods for monitoring the major physical, chemical, and biological components of stream ecosystems are presented. The monitor- ing protocol is organized into four stages. At stage 1 information is obtained on a basic set of parameters that describe stream ecosystems. Each following stage builds upon stage 1 by increasing the number of parameters and the detail and frequency of the measurements. Stage 4 supplements analyses of stream biotic structure with measurements of stream function: carbon and nutrient processes. Standard methods are presented that were selected or modified through extensive field applica- tion for use in remote settings. Keywords: bioassessment, methods, sampling, macroinvertebrates, production The Authors emphasize aquatic benthic inverte- brates, community dynamics, and Jeffrey C. Davis is an aquatic ecolo- stream ecosystem structure and func- gist currently working in Coastal Man- tion. For the past 19 years he has agement for the State of Alaska. He been conducting research on the received his B.S. from the University long-term effects of wildfires on of Alaska, Anchorage, and his M.S. stream ecosystems. He has authored from Idaho State University. His re- over 100 peer-reviewed journal ar- search has focused on nutrient dy- ticles and 85 technical reports.
    [Show full text]