SlideShare uma empresa Scribd logo
1 de 25
Baixar para ler offline
Progressive enhancement using WSGI
                         Matthew Wilkes
/ˈwɪski/
A Python API for web applications
Matthew Wilkes

•   Zope / Plone core developer.

•   Performance and Security work at the Code Distillery

•   WSGI/Whisky snob.

•   Developed large applications using WSGI.

•   Co-author of the Zope’s WSGI support.
WSGI apps
    Just an API for handling HTTP requests. Used by:

•   Pyramid

•   Zope

•   CherryPy

•   Web2Py

•   … most people
Composites
    Composites join multiple WSGI
    apps together



•   Subsite URL Routing

•   Management screens
Middlewares
    Middlewares are used for changing a webapp’s input/output

•   Theming/Design

•   Error handling

•   Adding features

•   URL rewriting

•   Embargos of information
Mistakes…
Python specific
•   “Middlewares are easier to
    write than normal libraries”

•   Cannot assume that you won’t
    want to use it on a PHP app in
    future

•   Proxies allow heterogenous
    applications to be composed

•   Being language agnostic doesn’t
    mean you will have to write
    Perl code (it helps you avoid it)
A waste of time
•   Simple modifications work best as middlewares

•   But, simple modifications are easy in your framework

•   “I should just fix it in place”



•   “This wouldn’t be useful to other people, so I’ll leave it in
    the customer project”

•   You’ll likely make another website sometime soon
The Good bits
Great libraries
•   WebOb makes requests easy to deal with.

•   The wsgiref WSGI web server is in the Standard Library

•   Lots of other server frontends to select for production

•   Paste’s Transparent Proxy lets you test the middleware on
    any website

•   lxml makes managing HTML easy

•   PasteDeploy provides .ini app composition
Templates
•   http://pypi.python.org/pypi/wsgitemplates

•   http://pythonpaste.org/deploy/#the-config-file

•   http://docs.webob.org/en/latest/wiki-example.html
But… you said progressive enhancement
CAPTCHAs
•   Many ways to do them in Plone

•   Archetypes, formlib, z3c.form, custom view,
    plone.app.discussion, PloneFormGen, …

•   Some code reuse

•   Not enough

•   So, middleware?
CAPTCHAs
•   If we’re building a new application we have the most
    flexibility.

•   We want a boolean, isHuman.

•   Simplest CAPTCHA possible is a checkbox.
    (Hey! No lying, Spambots!)

•   So, add that with your favourite form library.
Progressive Enhancement using WSGI
CAPTCHAs
•   Not a very effective CAPTCHA.

•   But, many historical CAPTCHAs are now unusable…

•   As the enemy is getting better, too.

•   Need to decouple the logic of ‘test for human’ and the
    method.

•   Use a WSGI Middleware to rewrite the form.
Progressive Enhancement using WSGI
The code
•   The middleware extracts the
    checkboxes from the application
    as requests are served.

•   CAPTCHAs are generated and
    the image inserted.

•   The valid responses are stored
    in memory.

•   Inbound requests check the
    input and emulate selecting the
    checkbox.
CAPTCHAs
•   A small Python class will now work on any web-app
    backend.

•   If you happen to have another application that also
    outputs the checkboxes, this will slot right in front



•   But… you don’t really want to be adding checkboxes to
    the legacy apps.

•   So, middleware?
The code
•   The middleware detects
    <form>s as requests are served.

•   The checkbox is inserted

•   Inbound requests check if the
    checkbox is selected

•   If not, redirect back with form
    data in GET

•   Otherwise, remove the
    checkbox value and POST on.
Overkill?
Maybe.
•   Performance damage is very low.

•   Decide on the what will save you the most development time in the
    long-term.

•   Need more initial effort for the middleware

•   But all your deployments that use it can do so without the ‘upgrade
    the customer site to the latest trunk’ tax that stops you right now.

•   And it can be open sourced, so others will help you add features.
Links


https://github.com/MatthewWilkes/islay.simplecaptcha

https://github.com/MatthewWilkes/islay.hardercaptcha
The Code Distillery
                              Bristol


Questions?


  Or contact us on:
alan@thedistillery.eu
matt@thedistillery.eu

Mais conteúdo relacionado

Mais procurados

Untangling - fall2017 - week 10
Untangling - fall2017 - week 10Untangling - fall2017 - week 10
Untangling - fall2017 - week 10Derek Jacoby
 
Aspect oriented programming
Aspect oriented programmingAspect oriented programming
Aspect oriented programmingRobert MacLean
 
SeleniumCamp 2015 Andrii Soldatenko
SeleniumCamp 2015 Andrii SoldatenkoSeleniumCamp 2015 Andrii Soldatenko
SeleniumCamp 2015 Andrii SoldatenkoAndrii Soldatenko
 
Practical continuous quality gates for development process
Practical continuous quality gates for development processPractical continuous quality gates for development process
Practical continuous quality gates for development processAndrii Soldatenko
 
Sync Workitems between multiple Team Projects #vssatpn
Sync Workitems between multiple Team Projects #vssatpnSync Workitems between multiple Team Projects #vssatpn
Sync Workitems between multiple Team Projects #vssatpnLorenzo Barbieri
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With JestBen McCormick
 
Engage 2019: The good, the bad and the ugly: a not so objective view on front...
Engage 2019: The good, the bad and the ugly: a not so objective view on front...Engage 2019: The good, the bad and the ugly: a not so objective view on front...
Engage 2019: The good, the bad and the ugly: a not so objective view on front...Frank van der Linden
 
Untangling - fall2017 - week 9
Untangling - fall2017 - week 9Untangling - fall2017 - week 9
Untangling - fall2017 - week 9Derek Jacoby
 
Build Fail-Proof Tests in Any Browser with Selenium
Build Fail-Proof Tests in Any Browser with SeleniumBuild Fail-Proof Tests in Any Browser with Selenium
Build Fail-Proof Tests in Any Browser with SeleniumTechWell
 
YAPC::EU 2015 - Perl Conferences
YAPC::EU 2015 - Perl ConferencesYAPC::EU 2015 - Perl Conferences
YAPC::EU 2015 - Perl Conferencesℕicolas ℝ.
 
HTML5: what's new?
HTML5: what's new?HTML5: what's new?
HTML5: what's new?Chris Mills
 
Untangling spring week11
Untangling spring week11Untangling spring week11
Untangling spring week11Derek Jacoby
 
Untangling spring week5
Untangling spring week5Untangling spring week5
Untangling spring week5Derek Jacoby
 
Patterns and practices for building enterprise-scale HTML5 apps
Patterns and practices for building enterprise-scale HTML5 appsPatterns and practices for building enterprise-scale HTML5 apps
Patterns and practices for building enterprise-scale HTML5 appsPhil Leggetter
 
Building Extensions in VSTS and TFS
Building Extensions in VSTS and TFSBuilding Extensions in VSTS and TFS
Building Extensions in VSTS and TFSJeff Bramwell
 
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...Gaetano Giunta
 

Mais procurados (20)

Untangling - fall2017 - week 10
Untangling - fall2017 - week 10Untangling - fall2017 - week 10
Untangling - fall2017 - week 10
 
Untangling11
Untangling11Untangling11
Untangling11
 
Aspect oriented programming
Aspect oriented programmingAspect oriented programming
Aspect oriented programming
 
SeleniumCamp 2015 Andrii Soldatenko
SeleniumCamp 2015 Andrii SoldatenkoSeleniumCamp 2015 Andrii Soldatenko
SeleniumCamp 2015 Andrii Soldatenko
 
Practical continuous quality gates for development process
Practical continuous quality gates for development processPractical continuous quality gates for development process
Practical continuous quality gates for development process
 
Sync Workitems between multiple Team Projects #vssatpn
Sync Workitems between multiple Team Projects #vssatpnSync Workitems between multiple Team Projects #vssatpn
Sync Workitems between multiple Team Projects #vssatpn
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With Jest
 
Engage 2019: The good, the bad and the ugly: a not so objective view on front...
Engage 2019: The good, the bad and the ugly: a not so objective view on front...Engage 2019: The good, the bad and the ugly: a not so objective view on front...
Engage 2019: The good, the bad and the ugly: a not so objective view on front...
 
Untangling - fall2017 - week 9
Untangling - fall2017 - week 9Untangling - fall2017 - week 9
Untangling - fall2017 - week 9
 
Build Fail-Proof Tests in Any Browser with Selenium
Build Fail-Proof Tests in Any Browser with SeleniumBuild Fail-Proof Tests in Any Browser with Selenium
Build Fail-Proof Tests in Any Browser with Selenium
 
YAPC::EU 2015 - Perl Conferences
YAPC::EU 2015 - Perl ConferencesYAPC::EU 2015 - Perl Conferences
YAPC::EU 2015 - Perl Conferences
 
HTML5: what's new?
HTML5: what's new?HTML5: what's new?
HTML5: what's new?
 
Cypress workshop for JSFoo 2019
Cypress  workshop for JSFoo 2019Cypress  workshop for JSFoo 2019
Cypress workshop for JSFoo 2019
 
Untangling spring week11
Untangling spring week11Untangling spring week11
Untangling spring week11
 
Untangling spring week5
Untangling spring week5Untangling spring week5
Untangling spring week5
 
ASP.NET & Unit Testing
ASP.NET & Unit TestingASP.NET & Unit Testing
ASP.NET & Unit Testing
 
Patterns and practices for building enterprise-scale HTML5 apps
Patterns and practices for building enterprise-scale HTML5 appsPatterns and practices for building enterprise-scale HTML5 apps
Patterns and practices for building enterprise-scale HTML5 apps
 
Building Extensions in VSTS and TFS
Building Extensions in VSTS and TFSBuilding Extensions in VSTS and TFS
Building Extensions in VSTS and TFS
 
PyCon Ukraine 2014
PyCon Ukraine 2014PyCon Ukraine 2014
PyCon Ukraine 2014
 
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
 

Semelhante a Progressive Enhancement using WSGI

Why use Go for web development?
Why use Go for web development?Why use Go for web development?
Why use Go for web development?Weng Wei
 
Why real integration developers ride Camels
Why real integration developers ride CamelsWhy real integration developers ride Camels
Why real integration developers ride CamelsChristian Posta
 
Streams API (Web Engines Hackfest 2015)
Streams API (Web Engines Hackfest 2015)Streams API (Web Engines Hackfest 2015)
Streams API (Web Engines Hackfest 2015)Igalia
 
10 Things You Can Do to Speed Up Your Web App Today
10 Things You Can Do to Speed Up Your Web App Today10 Things You Can Do to Speed Up Your Web App Today
10 Things You Can Do to Speed Up Your Web App TodayChris Love
 
Continuous Integration In A PHP World
Continuous Integration In A PHP WorldContinuous Integration In A PHP World
Continuous Integration In A PHP WorldIdaf_1er
 
Mobile ECM with JavaScript - JSE 2011
Mobile ECM with JavaScript - JSE 2011Mobile ECM with JavaScript - JSE 2011
Mobile ECM with JavaScript - JSE 2011Nuxeo
 
Pearls and Must-Have Tools for the Modern Web / .NET Developer
Pearls and Must-Have Tools for the Modern Web / .NET DeveloperPearls and Must-Have Tools for the Modern Web / .NET Developer
Pearls and Must-Have Tools for the Modern Web / .NET DeveloperOfer Zelig
 
MEAN Stack WeNode Barcelona Workshop
MEAN Stack WeNode Barcelona WorkshopMEAN Stack WeNode Barcelona Workshop
MEAN Stack WeNode Barcelona WorkshopValeri Karpov
 
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfxVincent Biret
 
WTF: Where To Focus when you take over a Drupal project
WTF: Where To Focus when you take over a Drupal projectWTF: Where To Focus when you take over a Drupal project
WTF: Where To Focus when you take over a Drupal projectSymetris
 
[Pinto] Is my SharePoint Development team properly enlighted?
[Pinto] Is my SharePoint Development team properly enlighted?[Pinto] Is my SharePoint Development team properly enlighted?
[Pinto] Is my SharePoint Development team properly enlighted?European Collaboration Summit
 
ekb.py: KISS REST API
ekb.py: KISS REST APIekb.py: KISS REST API
ekb.py: KISS REST APIYury Yurevich
 
Automated Acceptance Testing from Scratch
Automated Acceptance Testing from ScratchAutomated Acceptance Testing from Scratch
Automated Acceptance Testing from ScratchExcella
 
ekbpy'2012- Юрий Юревич - Как сделать REST API на Python
ekbpy'2012- Юрий Юревич - Как сделать REST API на Pythonekbpy'2012- Юрий Юревич - Как сделать REST API на Python
ekbpy'2012- Юрий Юревич - Как сделать REST API на Pythonit-people
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010Joel Gascoigne
 
Stapling and patching the web of now - ForwardJS3, San Francisco
Stapling and patching the web of now - ForwardJS3, San FranciscoStapling and patching the web of now - ForwardJS3, San Francisco
Stapling and patching the web of now - ForwardJS3, San FranciscoChristian Heilmann
 
Building Awesome APIs with Lumen
Building Awesome APIs with LumenBuilding Awesome APIs with Lumen
Building Awesome APIs with LumenKit Brennan
 
Oscon 2011-mueller-weinre
Oscon 2011-mueller-weinreOscon 2011-mueller-weinre
Oscon 2011-mueller-weinrepmuellr
 
APIs distribuidos con alta escalabilidad
APIs distribuidos con alta escalabilidadAPIs distribuidos con alta escalabilidad
APIs distribuidos con alta escalabilidadSoftware Guru
 

Semelhante a Progressive Enhancement using WSGI (20)

Why use Go for web development?
Why use Go for web development?Why use Go for web development?
Why use Go for web development?
 
Intro to CakePHP
Intro to CakePHPIntro to CakePHP
Intro to CakePHP
 
Why real integration developers ride Camels
Why real integration developers ride CamelsWhy real integration developers ride Camels
Why real integration developers ride Camels
 
Streams API (Web Engines Hackfest 2015)
Streams API (Web Engines Hackfest 2015)Streams API (Web Engines Hackfest 2015)
Streams API (Web Engines Hackfest 2015)
 
10 Things You Can Do to Speed Up Your Web App Today
10 Things You Can Do to Speed Up Your Web App Today10 Things You Can Do to Speed Up Your Web App Today
10 Things You Can Do to Speed Up Your Web App Today
 
Continuous Integration In A PHP World
Continuous Integration In A PHP WorldContinuous Integration In A PHP World
Continuous Integration In A PHP World
 
Mobile ECM with JavaScript - JSE 2011
Mobile ECM with JavaScript - JSE 2011Mobile ECM with JavaScript - JSE 2011
Mobile ECM with JavaScript - JSE 2011
 
Pearls and Must-Have Tools for the Modern Web / .NET Developer
Pearls and Must-Have Tools for the Modern Web / .NET DeveloperPearls and Must-Have Tools for the Modern Web / .NET Developer
Pearls and Must-Have Tools for the Modern Web / .NET Developer
 
MEAN Stack WeNode Barcelona Workshop
MEAN Stack WeNode Barcelona WorkshopMEAN Stack WeNode Barcelona Workshop
MEAN Stack WeNode Barcelona Workshop
 
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx
#SPSOttawa 2017 migrate to the #SharePoint Framework #spfx
 
WTF: Where To Focus when you take over a Drupal project
WTF: Where To Focus when you take over a Drupal projectWTF: Where To Focus when you take over a Drupal project
WTF: Where To Focus when you take over a Drupal project
 
[Pinto] Is my SharePoint Development team properly enlighted?
[Pinto] Is my SharePoint Development team properly enlighted?[Pinto] Is my SharePoint Development team properly enlighted?
[Pinto] Is my SharePoint Development team properly enlighted?
 
ekb.py: KISS REST API
ekb.py: KISS REST APIekb.py: KISS REST API
ekb.py: KISS REST API
 
Automated Acceptance Testing from Scratch
Automated Acceptance Testing from ScratchAutomated Acceptance Testing from Scratch
Automated Acceptance Testing from Scratch
 
ekbpy'2012- Юрий Юревич - Как сделать REST API на Python
ekbpy'2012- Юрий Юревич - Как сделать REST API на Pythonekbpy'2012- Юрий Юревич - Как сделать REST API на Python
ekbpy'2012- Юрий Юревич - Как сделать REST API на Python
 
CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010CodeIgniter for Startups, cicon2010
CodeIgniter for Startups, cicon2010
 
Stapling and patching the web of now - ForwardJS3, San Francisco
Stapling and patching the web of now - ForwardJS3, San FranciscoStapling and patching the web of now - ForwardJS3, San Francisco
Stapling and patching the web of now - ForwardJS3, San Francisco
 
Building Awesome APIs with Lumen
Building Awesome APIs with LumenBuilding Awesome APIs with Lumen
Building Awesome APIs with Lumen
 
Oscon 2011-mueller-weinre
Oscon 2011-mueller-weinreOscon 2011-mueller-weinre
Oscon 2011-mueller-weinre
 
APIs distribuidos con alta escalabilidad
APIs distribuidos con alta escalabilidadAPIs distribuidos con alta escalabilidad
APIs distribuidos con alta escalabilidad
 

Mais de Matthew Wilkes

"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recoveryMatthew Wilkes
 
Privacy best practice and Plone
Privacy best practice and PlonePrivacy best practice and Plone
Privacy best practice and PloneMatthew Wilkes
 
Open Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveOpen Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveMatthew Wilkes
 
How Plone's Security Works
How Plone's Security WorksHow Plone's Security Works
How Plone's Security WorksMatthew Wilkes
 
Performance for Product Developers
Performance for Product DevelopersPerformance for Product Developers
Performance for Product DevelopersMatthew Wilkes
 
High performance sites made easy
High performance sites made easyHigh performance sites made easy
High performance sites made easyMatthew Wilkes
 

Mais de Matthew Wilkes (6)

"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery
 
Privacy best practice and Plone
Privacy best practice and PlonePrivacy best practice and Plone
Privacy best practice and Plone
 
Open Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveOpen Source Security – A vendor's perspective
Open Source Security – A vendor's perspective
 
How Plone's Security Works
How Plone's Security WorksHow Plone's Security Works
How Plone's Security Works
 
Performance for Product Developers
Performance for Product DevelopersPerformance for Product Developers
Performance for Product Developers
 
High performance sites made easy
High performance sites made easyHigh performance sites made easy
High performance sites made easy
 

Último

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataSafe Software
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 

Último (20)

Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 

Progressive Enhancement using WSGI

  • 1. Progressive enhancement using WSGI Matthew Wilkes
  • 2. /ˈwɪski/ A Python API for web applications
  • 3. Matthew Wilkes • Zope / Plone core developer. • Performance and Security work at the Code Distillery • WSGI/Whisky snob. • Developed large applications using WSGI. • Co-author of the Zope’s WSGI support.
  • 4. WSGI apps Just an API for handling HTTP requests. Used by: • Pyramid • Zope • CherryPy • Web2Py • … most people
  • 5. Composites Composites join multiple WSGI apps together • Subsite URL Routing • Management screens
  • 6. Middlewares Middlewares are used for changing a webapp’s input/output • Theming/Design • Error handling • Adding features • URL rewriting • Embargos of information
  • 8. Python specific • “Middlewares are easier to write than normal libraries” • Cannot assume that you won’t want to use it on a PHP app in future • Proxies allow heterogenous applications to be composed • Being language agnostic doesn’t mean you will have to write Perl code (it helps you avoid it)
  • 9. A waste of time • Simple modifications work best as middlewares • But, simple modifications are easy in your framework • “I should just fix it in place” • “This wouldn’t be useful to other people, so I’ll leave it in the customer project” • You’ll likely make another website sometime soon
  • 11. Great libraries • WebOb makes requests easy to deal with. • The wsgiref WSGI web server is in the Standard Library • Lots of other server frontends to select for production • Paste’s Transparent Proxy lets you test the middleware on any website • lxml makes managing HTML easy • PasteDeploy provides .ini app composition
  • 12. Templates • http://pypi.python.org/pypi/wsgitemplates • http://pythonpaste.org/deploy/#the-config-file • http://docs.webob.org/en/latest/wiki-example.html
  • 13. But… you said progressive enhancement
  • 14. CAPTCHAs • Many ways to do them in Plone • Archetypes, formlib, z3c.form, custom view, plone.app.discussion, PloneFormGen, … • Some code reuse • Not enough • So, middleware?
  • 15. CAPTCHAs • If we’re building a new application we have the most flexibility. • We want a boolean, isHuman. • Simplest CAPTCHA possible is a checkbox. (Hey! No lying, Spambots!) • So, add that with your favourite form library.
  • 17. CAPTCHAs • Not a very effective CAPTCHA. • But, many historical CAPTCHAs are now unusable… • As the enemy is getting better, too. • Need to decouple the logic of ‘test for human’ and the method. • Use a WSGI Middleware to rewrite the form.
  • 19. The code • The middleware extracts the checkboxes from the application as requests are served. • CAPTCHAs are generated and the image inserted. • The valid responses are stored in memory. • Inbound requests check the input and emulate selecting the checkbox.
  • 20. CAPTCHAs • A small Python class will now work on any web-app backend. • If you happen to have another application that also outputs the checkboxes, this will slot right in front • But… you don’t really want to be adding checkboxes to the legacy apps. • So, middleware?
  • 21. The code • The middleware detects <form>s as requests are served. • The checkbox is inserted • Inbound requests check if the checkbox is selected • If not, redirect back with form data in GET • Otherwise, remove the checkbox value and POST on.
  • 23. Maybe. • Performance damage is very low. • Decide on the what will save you the most development time in the long-term. • Need more initial effort for the middleware • But all your deployments that use it can do so without the ‘upgrade the customer site to the latest trunk’ tax that stops you right now. • And it can be open sourced, so others will help you add features.
  • 25. The Code Distillery Bristol Questions? Or contact us on: alan@thedistillery.eu matt@thedistillery.eu