WebStack

Annotated README.txt

401:ca2a40e20036
2005-07-16 paulb [project @ 2005-07-16 20:32:56 by paulb] Enhanced the PYTHONPATH handling to respect the existing definition.
paulb@68 1
Introduction
paulb@68 2
------------
paulb@68 3
paulb@301 4
WebStack is a package which provides a common API for Python Web
paulb@301 5
applications, regardless of the underlying server or framework environment.
paulb@301 6
It should be possible with WebStack to design and implement an application,
paulb@301 7
to choose a deployment environment, and then to be able to deploy the
paulb@301 8
application in a different environment later on without having to go back
paulb@301 9
and rewrite substantial parts of the application.
paulb@60 10
paulb@362 11
Quick Start
paulb@362 12
-----------
paulb@362 13
paulb@362 14
Try running the demo:
paulb@362 15
paulb@362 16
python tools/demo.py
paulb@362 17
paulb@363 18
An introductory guide to creating applications can be found in the docs
paulb@363 19
directory - see docs/index.html for the start page.
paulb@363 20
paulb@363 21
Contact, Copyright and Licence Information
paulb@363 22
------------------------------------------
paulb@363 23
paulb@363 24
The current Web page for WebStack at the time of release is:
paulb@363 25
paulb@363 26
http://www.boddie.org.uk/python/WebStack.html
paulb@363 27
paulb@363 28
Copyright and licence information can be found in the docs directory - see
paulb@363 29
docs/LICENCE.txt and docs/LICENCE-PyServlet.txt for more information.
paulb@363 30
paulb@68 31
Framework Support
paulb@68 32
-----------------
paulb@68 33
paulb@218 34
Currently, BaseHTTPRequestHandler (via BaseHTTPServer in the standard
paulb@301 35
library), CGI, Jython/Java Servlet API, mod_python, Twisted, Webware, WSGI
paulb@301 36
and Zope 2 are supported. Each framework has its own set of strengths and
paulb@301 37
weaknesses, but the idea is that deployment concerns can be considered
paulb@301 38
separately from the implementation of application functionality. Consult the
paulb@301 39
NOTES.txt files in each framework's subdirectory of the docs directory for
paulb@301 40
some notes on how applications may be run in each environment.
paulb@60 41
paulb@244 42
Tested Frameworks           Release Information
paulb@244 43
-----------------           -------------------
paulb@68 44
paulb@362 45
BaseHTTPRequestHandler      Python 2.2.2, Python 2.3.3, Python 2.4.1
paulb@388 46
CGI                         Apache 2.0.44, Apache 2.0.53, AOLserver 4.0.10
paulb@244 47
Jython/Java Servlet API     Jython 2.1, Java JDK 1.3.1_02, Tomcat 4.1.27 (Servlet 2.3)
paulb@244 48
mod_python                  3.0.3 (3.1.3 for framework cookie and session support)
paulb@308 49
Twisted                     1.0.5, 1.3.0
paulb@244 50
Webware                     0.8.1, CVS (2004-02-06)
paulb@304 51
WSGI                        run_with_cgi (PEP 333)
paulb@388 52
Zope                        2.7.2-0, 2.8.0-final
paulb@388 53
paulb@388 54
New in WebStack 0.10 (Changes since WebStack 0.9)
paulb@388 55
-------------------------------------------------
paulb@388 56
paulb@388 57
Changes to make the tools/demo.py script work on Windows (and other) platforms
paulb@388 58
(suggested by Jim Madsen).
paulb@394 59
Fixed end of header newlines for CGI (suggested by Matt Harrison).
paulb@388 60
Minor documentation fixes and improvements, adding information on AOLserver in
paulb@388 61
the CGI and Webware notes.
paulb@395 62
Changed the mod_python server name method to use the server object rather than
paulb@395 63
the connection object.
paulb@396 64
Added a parameter to the ResourceMap.MapResource class to permit automatic
paulb@398 65
redirects into resource hierarchies when no trailing "/" was given in the URL;
paulb@398 66
changed the updated virtual path info so that empty values may be set (the
paulb@398 67
guarantee that "/" will always appear no longer applies).
paulb@398 68
Fixed virtual path info retrieval when the value is an empty string.
paulb@192 69
paulb@314 70
New in WebStack 0.9 (Changes since WebStack 0.8)
paulb@314 71
------------------------------------------------
paulb@314 72
paulb@314 73
Standardised error handling in the adapters so that tracebacks can be
paulb@314 74
suppressed and an internal server error condition raised.
paulb@314 75
Added overriding of path info in transactions.
paulb@314 76
Added a ResourceMap resource for dispatching to different resources
paulb@314 77
according to path components.
paulb@329 78
Standardised deployment for some frameworks (see docs/deploying.html).
paulb@329 79
Introductory documentation in XHTML format.
paulb@343 80
Added server name and port methods to the transaction.
paulb@363 81
Added a simple demonstration application, incorporating many of the examples
paulb@363 82
and launched under a single script.
paulb@373 83
Fixed mod_python native sessions.
paulb@382 84
Fixed Zope request stream access.
paulb@370 85
WebStack is now licensed under the LGPL - see docs/COPYING.txt for details.
paulb@314 86
paulb@300 87
New in WebStack 0.8 (Changes since WebStack 0.7)
paulb@295 88
------------------------------------------------
paulb@295 89
paulb@295 90
Added a standard exception, EndOfResponse, which can be used to immediately
paulb@295 91
stop the processing/production of a response; this is useful when resources
paulb@295 92
need to issue a redirect without unnecessary content being generated, for
paulb@295 93
example.
paulb@299 94
Fixed path information for Zope.
paulb@301 95
Added WSGI support.
paulb@308 96
Verified Twisted 1.3.0 support with Python 2.3.3.
paulb@295 97
paulb@300 98
New in WebStack 0.7 (Changes since WebStack 0.6)
paulb@192 99
------------------------------------------------
paulb@192 100
paulb@218 101
Fixed path information semantics.
paulb@192 102
Fixed file upload semantics.
paulb@227 103
Fixed content type handling for Unicode output and for interpreting request
paulb@227 104
body fields/parameters (although some improvement remains).
paulb@253 105
Added a method to discover the chosen response stream encoding.
paulb@227 106
Fixed field/parameter retrieval so that path and body fields are distinct,
paulb@227 107
regardless of the framework employed.
paulb@363 108
Added a method to get a combination of path and body fields (suggested by
paulb@363 109
Jacob Smullyan).
paulb@192 110
Introduced Zope 2 support.
paulb@247 111
Improved Jython/Java Servlet API support (although a special PyServlet class
paulb@247 112
must now be used, and certain libraries must be deployed with applications).
paulb@293 113
Introduced authentication/authorisation support for Jython/Java Servlet API.
paulb@293 114
Session support has been added (except for Webware 0.8.1).
paulb@247 115
Alternative cookie support for mod_python has been added.
paulb@293 116
Cookie support now supports encoded Unicode sequences for names and values.
paulb@68 117
paulb@300 118
New in WebStack 0.6 (Changes since WebStack 0.5)
paulb@178 119
------------------------------------------------
paulb@178 120
paulb@178 121
Introduced Jython/Java Servlet API support.
paulb@178 122
Minor fixes to example applications and to BaseHTTPRequestHandler.
paulb@178 123
paulb@300 124
New in WebStack 0.5 (Changes since WebStack 0.4)
paulb@171 125
------------------------------------------------
paulb@171 126
paulb@363 127
Changed request body fields/parameters so that they are now represented
paulb@363 128
using Unicode objects rather than plain strings.
paulb@171 129
Introduced better support for Unicode in response streams.
paulb@171 130
paulb@300 131
New in WebStack 0.4 (Changes since WebStack 0.3)
paulb@160 132
------------------------------------------------
paulb@140 133
paulb@140 134
Added application definition of user identity, permitting alternative
paulb@140 135
authentication mechanisms.
paulb@363 136
Improved BaseHTTPRequestHandler and mod_python reliability around fields
paulb@363 137
from request bodies.
paulb@142 138
Provided stream and environment parameterisation in the CGI adapter.
paulb@140 139
Added LoginRedirect and Login examples.
paulb@164 140
Added get_path_without_query and fixed get_path behaviour.
paulb@140 141
paulb@300 142
New in WebStack 0.3 (Changes since WebStack 0.2)
paulb@160 143
------------------------------------------------
paulb@120 144
paulb@120 145
Added better header support for Webware (suggested by Ian Bicking).
paulb@120 146
Introduced CGI and Java Servlet support (the latter is currently
paulb@120 147
broken/unfinished).
paulb@120 148
Introduced support for cookies.
paulb@120 149
paulb@68 150
Future Work
paulb@68 151
-----------
paulb@68 152
paulb@308 153
(Essential)
paulb@308 154
paulb@308 155
JythonServlet libraries need to be configured using sys.add_package when
paulb@308 156
these do not feature in the compiled-in list. Adding such configuration to
paulb@308 157
the handler may be most appropriate (since the web.xml file can be too
paulb@308 158
arcane), but this needs testing.
paulb@308 159
paulb@308 160
(Important)
paulb@308 161
paulb@165 162
Things to consider for future releases: improved cookie support, redirects,
paulb@218 163
access to shared resources and much better documentation.
paulb@68 164
paulb@363 165
Field access needs testing, especially for anything using the
paulb@363 166
cgi.FieldStorage class, and the way file uploads are exposed should be
paulb@363 167
reviewed (currently the meta-data is not exposed). The acquisition of fields
paulb@363 168
from specific sources should be tested with different request methods - some
paulb@363 169
frameworks provide path fields in the body fields dictionary, others (eg.
paulb@363 170
Zope) change the fields exposed depending on request method.
paulb@248 171
paulb@363 172
Interpretation of path field encodings needs to be verified. Currently,
paulb@363 173
stray path fields are handled (eg. in WebStack.Helpers.Request) as being
paulb@363 174
ISO-8859-1, but it might be the case that some such fields might be
paulb@363 175
submitted as UTF-8.
paulb@102 176
paulb@102 177
Cookie objects need defining strictly, especially since the standard library
paulb@363 178
Cookie object behaves differently to mod_python (and possibly Webware)
paulb@363 179
Cookie objects. Moreover, the set_cookie_value method needs to provide
paulb@363 180
access to the usual cookie parameters as supported by the frameworks. The
paulb@363 181
standard library Cookie module has issues with Unicode cookie names (and
paulb@363 182
possibly values) - this is worked around, but it would be best to resolve
paulb@363 183
this comprehensively.
paulb@90 184
paulb@363 185
UTF-16 (and possibly other encodings) causes problems with HTML form data
paulb@363 186
sent in POST requests using the application/x-www-form-urlencoded content
paulb@363 187
type.  This should be reviewed at a later date when proper standardisation
paulb@363 188
has taken place.
paulb@218 189
paulb@239 190
Session support, especially through WebStack.Helpers.Session, should be
paulb@248 191
reviewed and be made compatible with non-cookie mechanisms.
paulb@248 192
paulb@248 193
HeaderValue objects should be employed more extensively. Thus, the header
paulb@248 194
access methods may need to change their behaviour slightly.
paulb@248 195
paulb@248 196
Investigate the nicer functions in the cgi module, discarding the "magic"
paulb@248 197
stuff like FieldStorage.
paulb@239 198
paulb@304 199
WSGI support could demand that a special "end of headers" method be
paulb@304 200
introduced into WebStack, thus making response output more efficient (and
paulb@304 201
probably also for other frameworks, too).
paulb@304 202
paulb@363 203
The algorithm employed in the WebStack.Helpers.Auth.get_token function
paulb@363 204
should be reviewed and improved for better security.
paulb@332 205
paulb@336 206
Investigate proper support for HEAD, OPTIONS and other request methods.
paulb@336 207
paulb@365 208
Consider packages for different operating systems.
paulb@365 209
paulb@355 210
(Completed/rejected)
paulb@355 211
paulb@355 212
The location of deployed applications in the filesystem should be exposed to
paulb@355 213
those applications. (This is actually available in the __file__ module
paulb@355 214
variable.)
paulb@355 215
paulb@355 216
Path information should be consistent across all frameworks, and the "path
paulb@355 217
info" value should be meaningful. (This should now be correct.)
paulb@355 218
paulb@159 219
Release Procedures
paulb@159 220
------------------
paulb@159 221
paulb@159 222
Update the WebStack/__init__.py __version__ attribute.
paulb@329 223
Change the version number and package filename/directory in the documentation.
paulb@332 224
Change code examples in the documentation if appropriate.
paulb@159 225
Update the release notes (see above).
paulb@159 226
Check the setup.py file and ensure that all package directories are mentioned.
paulb@253 227
Tag, export.
paulb@247 228
Generate the PyServlet classes.
paulb@355 229
Generate the API documentation.
paulb@384 230
Remove generated .pyc files: rm `find . -name "*.pyc"`
paulb@253 231
Archive, upload.
paulb@367 232
Upload the introductory documentation.
paulb@365 233
Update PyPI, PythonInfo Wiki, Vaults of Parnassus entries.
paulb@355 234
paulb@355 235
Generating the API Documentation
paulb@355 236
--------------------------------
paulb@355 237
paulb@363 238
In order to prepare the API documentation, it is necessary to generate some
paulb@363 239
Web pages from the Python source code. For this, the epydoc application must
paulb@363 240
be available on your system. Then, inside the WebStack directory, run the
paulb@355 241
apidocs.sh tool script as follows:
paulb@355 242
paulb@355 243
./tools/apidocs.sh
paulb@355 244
paulb@355 245
Some warnings may be generated by the script, but the result should be a new
paulb@355 246
apidocs directory within the WebStack directory.