[Web-SIG] Naif wanting to improve CGI handling
Christoph Haas
email at christoph-haas.de
Fri Nov 24 15:43:23 CET 2006
Dear SIG,
I have just subscribed to this list and while I waded through a few
postings in the list's archive I might not have a clear picture of what's
currently really going on. So I may ask about things that you have decided
on already.
Frankly I'm unhappy with the 'cgi' module in the standard library. A
posting on the python-user mailing list made me rethink why web
programming is so painful for me in Python while it was easy in Perl
(while everything else was hard in Perl which is easy in Python). IMHO
Python deserves at least a good CGI implementation. And since I'm used to
Perl's 'CGI' module I would at least expect the same functionality in
Python.
In my posting on python-user I wrote that I would want:
- cookie handling
- cookie-session handling (similar to PHP or Perl's CGI::Session; combined
with database backends or simple text files)
- handling of form fields (Perl's CGI class can easily redisplay what
has been entered in the fields when they got submitted through a <FORM>)
- accessing parameters (honestly I haven't yet understood why I need to use
.value on FielStorage dictionaries - why isn't it just a plain
dictionary?)
- state keeping (storing the contents of all form fields on disk
to retrieve it later)
- creating form elements easily (option lists for example from
dictionaries and lists like in Perl)
- creating standard HTML elements (or do you remember how DOCTYPE
looks without looking it up?)
- handling of file uploads (which is just a recipe on ActivePython
at the moment)
- controlling HTTP headers (expires, redirections, charset)
- convenience functions e.g. for getting the client IP address without
needing to read ENV['REMOTE_ADDR']
So I started reading http://wiki.python.org/moin/WebStandardisation and
found a pretty large list of frameworks, modules and other approaches to
deal with the shortcomings of CGI handling in Python in real life. A user
coming from Perl and being used to Perl's 'CGI' module will surely not
know where to start. The standard library is not sufficient and makes
him/her start to reinvent the wheel (that's what I did). Frameworks make
him/her learn yet another language because frameworks often seem to
transforming Python into some new language.
While reading what is already done and learning about this SIG I found the
PEP333 that really scared me. I'm personally not interested in Python
acting as a web server. I'm used to run Apache and use CGIs that deal with
stdin, stdout and environment variables. So my expectations are pretty
close to Perl's 'CGI' and 'CGI::Session' modules. But it sounds like it's
pretty mandatory to use WSGI if I want to add any layer of functionality.
Currently my idea is to ignore PEP333 - mainly because I don't know whether
I really need anything of that - and implement Perl's way of CGI handling
in Python. I just fear that it will add to the pile of frameworks and get
us even further away from providing *the* standard CGI library. It's nice
to have the freedom to choose. But while everybody complains about Perl's
TIMTOWTDI at least CGI programmers in Perl know what to use. While in
Python everybody's going berserk on the large set of possible frameworks.
IMHO whenever TIMTOWTDI in Python there is missing something basic.
I'm dreaming of a generic way to handle CGIs in Python's common beautiful
style while depending fully on the standard library. Perhaps something
like...
import newstuff
import MySQLdb
import datetime
# Open database for storing sessions
mydatabase = MySQLdb.connect(...)
# Define a session handler
session_handler = newstuff.session_cookies(
database_type = 'mysql',
database_handler = mydatabase
)
# Create a CGI instance
mycgi = newstuff.CGI(
session_cookie_name = 'MYSESSION',
session_cookie_handler = session_handler,
session_max_age = datetime.timedelta(hours=1),
# Cookie session based authentication
authentication_needed = True,
authentication_realm = 'Secure Area'
)
# Print out the HTTP header
print mycgi.http_header(
type='text/html',
expires='+3d'
)
# Print out the HTML header
print mycgi.start_html(
title = 'Secrets of the Pyramids',
target = '_blank',
css_stylesheet = '/mystyle.css'
)
# Provide a login form unless the user is authenticated through
# a <form> that is connected to the cookie session
if not mycgi.authenticated:
print mycgi.html.loginform(
...
)
# Print a <h1> HTML element
print mycgi.html.h1(
'Hello world',
style = 'funkytitle'
)
# Access a form parameter
print "In the last form the name you entered was:", \
mycgi.form('name')
# Store a value into the cookie session
mycgi.session_set('name', mycgi.form('name'))
# Access a value from the cookie session
print "Your cookie session contains this country:", \
mycgi.session_get('country')
# Send </html>
mycgi.end_html()
This is just a rough brainstormed draft and I haven't thought of a huge
concept or plan so far.
Should I just go ahead and create yet another framework and increase the
chaos by joining the dark side? Or is there work going on where my ideas
would fit in and where my revolutionary energy saves the world? I would
love to see my Python skills - as average as they may be - create
something useful not only for me. I hope someone of you has enough
overview over the current activities to provide a little guidance. Thanks
in advance.
Kindly
Christoph
More information about the Web-SIG
mailing list