1 Introduction
2 ------------
3
4 WebStack is a package which provides a common API for Python Web
5 applications, regardless of the underlying server or framework environment.
6 It should be possible with WebStack to design and implement an application,
7 to choose a deployment environment, and then to be able to deploy the
8 application in a different environment later on without having to go back
9 and rewrite substantial parts of the application.
10
11 Quick Start
12 -----------
13
14 Try running the demo:
15
16 python tools/demo.py
17
18 An introductory guide to creating applications can be found in the docs
19 directory - see docs/index.html for the start page.
20
21 Contact, Copyright and Licence Information
22 ------------------------------------------
23
24 The current Web page for WebStack at the time of release is:
25
26 http://www.boddie.org.uk/python/WebStack.html
27
28 Copyright and licence information can be found in the docs directory - see
29 docs/LICENCE.txt and docs/LICENCE-PyServlet.txt for more information.
30
31 Framework Support
32 -----------------
33
34 Currently, BaseHTTPRequestHandler (via BaseHTTPServer in the standard
35 library), CGI, Jython/Java Servlet API, mod_python, Twisted, Webware, WSGI
36 and Zope 2 are supported. Each framework has its own set of strengths and
37 weaknesses, but the idea is that deployment concerns can be considered
38 separately from the implementation of application functionality. Consult the
39 NOTES.txt files in each framework's subdirectory of the docs directory for
40 some notes on how applications may be run in each environment.
41
42 Tested Frameworks Release Information
43 ----------------- -------------------
44
45 BaseHTTPRequestHandler Python 2.2.2, Python 2.3.3, Python 2.4.1
46 CGI Apache 2.0.44
47 Jython/Java Servlet API Jython 2.1, Java JDK 1.3.1_02, Tomcat 4.1.27 (Servlet 2.3)
48 mod_python 3.0.3 (3.1.3 for framework cookie and session support)
49 Twisted 1.0.5, 1.3.0
50 Webware 0.8.1, CVS (2004-02-06)
51 WSGI run_with_cgi (PEP 333)
52 Zope 2.7.2-0
53
54 New in WebStack 0.9 (Changes since WebStack 0.8)
55 ------------------------------------------------
56
57 Standardised error handling in the adapters so that tracebacks can be
58 suppressed and an internal server error condition raised.
59 Added overriding of path info in transactions.
60 Added a ResourceMap resource for dispatching to different resources
61 according to path components.
62 Standardised deployment for some frameworks (see docs/deploying.html).
63 Introductory documentation in XHTML format.
64 Added server name and port methods to the transaction.
65 Added a simple demonstration application, incorporating many of the examples
66 and launched under a single script.
67
68 New in WebStack 0.8 (Changes since WebStack 0.7)
69 ------------------------------------------------
70
71 Added a standard exception, EndOfResponse, which can be used to immediately
72 stop the processing/production of a response; this is useful when resources
73 need to issue a redirect without unnecessary content being generated, for
74 example.
75 Fixed path information for Zope.
76 Added WSGI support.
77 Verified Twisted 1.3.0 support with Python 2.3.3.
78
79 New in WebStack 0.7 (Changes since WebStack 0.6)
80 ------------------------------------------------
81
82 Fixed path information semantics.
83 Fixed file upload semantics.
84 Fixed content type handling for Unicode output and for interpreting request
85 body fields/parameters (although some improvement remains).
86 Added a method to discover the chosen response stream encoding.
87 Fixed field/parameter retrieval so that path and body fields are distinct,
88 regardless of the framework employed.
89 Added a method to get a combination of path and body fields (suggested by
90 Jacob Smullyan).
91 Introduced Zope 2 support.
92 Improved Jython/Java Servlet API support (although a special PyServlet class
93 must now be used, and certain libraries must be deployed with applications).
94 Introduced authentication/authorisation support for Jython/Java Servlet API.
95 Session support has been added (except for Webware 0.8.1).
96 Alternative cookie support for mod_python has been added.
97 Cookie support now supports encoded Unicode sequences for names and values.
98
99 New in WebStack 0.6 (Changes since WebStack 0.5)
100 ------------------------------------------------
101
102 Introduced Jython/Java Servlet API support.
103 Minor fixes to example applications and to BaseHTTPRequestHandler.
104
105 New in WebStack 0.5 (Changes since WebStack 0.4)
106 ------------------------------------------------
107
108 Changed request body fields/parameters so that they are now represented
109 using Unicode objects rather than plain strings.
110 Introduced better support for Unicode in response streams.
111
112 New in WebStack 0.4 (Changes since WebStack 0.3)
113 ------------------------------------------------
114
115 Added application definition of user identity, permitting alternative
116 authentication mechanisms.
117 Improved BaseHTTPRequestHandler and mod_python reliability around fields
118 from request bodies.
119 Provided stream and environment parameterisation in the CGI adapter.
120 Added LoginRedirect and Login examples.
121 Added get_path_without_query and fixed get_path behaviour.
122
123 New in WebStack 0.3 (Changes since WebStack 0.2)
124 ------------------------------------------------
125
126 Added better header support for Webware (suggested by Ian Bicking).
127 Introduced CGI and Java Servlet support (the latter is currently
128 broken/unfinished).
129 Introduced support for cookies.
130
131 Future Work
132 -----------
133
134 (Essential)
135
136 JythonServlet libraries need to be configured using sys.add_package when
137 these do not feature in the compiled-in list. Adding such configuration to
138 the handler may be most appropriate (since the web.xml file can be too
139 arcane), but this needs testing.
140
141 (Important)
142
143 Things to consider for future releases: improved cookie support, redirects,
144 access to shared resources and much better documentation.
145
146 Field access needs testing, especially for anything using the
147 cgi.FieldStorage class, and the way file uploads are exposed should be
148 reviewed (currently the meta-data is not exposed). The acquisition of fields
149 from specific sources should be tested with different request methods - some
150 frameworks provide path fields in the body fields dictionary, others (eg.
151 Zope) change the fields exposed depending on request method.
152
153 Interpretation of path field encodings needs to be verified. Currently,
154 stray path fields are handled (eg. in WebStack.Helpers.Request) as being
155 ISO-8859-1, but it might be the case that some such fields might be
156 submitted as UTF-8.
157
158 Cookie objects need defining strictly, especially since the standard library
159 Cookie object behaves differently to mod_python (and possibly Webware)
160 Cookie objects. Moreover, the set_cookie_value method needs to provide
161 access to the usual cookie parameters as supported by the frameworks. The
162 standard library Cookie module has issues with Unicode cookie names (and
163 possibly values) - this is worked around, but it would be best to resolve
164 this comprehensively.
165
166 UTF-16 (and possibly other encodings) causes problems with HTML form data
167 sent in POST requests using the application/x-www-form-urlencoded content
168 type. This should be reviewed at a later date when proper standardisation
169 has taken place.
170
171 Session support, especially through WebStack.Helpers.Session, should be
172 reviewed and be made compatible with non-cookie mechanisms.
173
174 HeaderValue objects should be employed more extensively. Thus, the header
175 access methods may need to change their behaviour slightly.
176
177 Investigate the nicer functions in the cgi module, discarding the "magic"
178 stuff like FieldStorage.
179
180 WSGI support could demand that a special "end of headers" method be
181 introduced into WebStack, thus making response output more efficient (and
182 probably also for other frameworks, too).
183
184 The algorithm employed in the WebStack.Helpers.Auth.get_token function
185 should be reviewed and improved for better security.
186
187 Investigate proper support for HEAD, OPTIONS and other request methods.
188
189 (Completed/rejected)
190
191 The location of deployed applications in the filesystem should be exposed to
192 those applications. (This is actually available in the __file__ module
193 variable.)
194
195 Path information should be consistent across all frameworks, and the "path
196 info" value should be meaningful. (This should now be correct.)
197
198 Release Procedures
199 ------------------
200
201 Update the WebStack/__init__.py __version__ attribute.
202 Change the version number and package filename/directory in the documentation.
203 Change code examples in the documentation if appropriate.
204 Update the release notes (see above).
205 Check the setup.py file and ensure that all package directories are mentioned.
206 Tag, export.
207 Generate the PyServlet classes.
208 Generate the API documentation.
209 Archive, upload.
210
211 Generating the API Documentation
212 --------------------------------
213
214 In order to prepare the API documentation, it is necessary to generate some
215 Web pages from the Python source code. For this, the epydoc application must
216 be available on your system. Then, inside the WebStack directory, run the
217 apidocs.sh tool script as follows:
218
219 ./tools/apidocs.sh
220
221 Some warnings may be generated by the script, but the result should be a new
222 apidocs directory within the WebStack directory.