1 Introduction
2 ------------
3
4 WebStack is a package which provides a common API for Python Web
5 applications, regardless of the underlying server or framework environment.
6 It should be possible with WebStack to design and implement an application,
7 to choose a deployment environment, and then to be able to deploy the
8 application in a different environment later on without having to go back
9 and rewrite substantial parts of the application.
10
11 Quick Start
12 -----------
13
14 Try running the demo:
15
16 python tools/demo.py
17
18 An introductory guide to creating applications can be found in the docs
19 directory - see docs/index.html for the start page.
20
21 Contact, Copyright and Licence Information
22 ------------------------------------------
23
24 The current Web page for WebStack at the time of release is:
25
26 http://www.boddie.org.uk/python/WebStack.html
27
28 Copyright and licence information can be found in the docs directory - see
29 docs/LICENCE.txt and docs/LICENCE-PyServlet.txt for more information.
30
31 Framework Support
32 -----------------
33
34 Currently, BaseHTTPRequestHandler (via BaseHTTPServer in the standard
35 library), CGI, Jython/Java Servlet API, mod_python, Twisted, Webware, WSGI
36 and Zope 2 are supported. Each framework has its own set of strengths and
37 weaknesses, but the idea is that deployment concerns can be considered
38 separately from the implementation of application functionality. Consult the
39 NOTES.txt files in each framework's subdirectory of the docs directory for
40 some notes on how applications may be run in each environment.
41
42 Tested Frameworks Release Information
43 ----------------- -------------------
44
45 BaseHTTPRequestHandler Python 2.2.2, Python 2.3.3, Python 2.4.1
46 CGI Apache 2.0.44, Apache 2.0.53, AOLserver 4.0.10, lighttpd 1.3.15
47 Jython/Java Servlet API Jython 2.1, Java JDK 1.3.1_02, Tomcat 4.1.27 (Servlet 2.3)
48 mod_python 3.0.3 (3.1.3 for framework cookie and session support)
49 Twisted 1.0.5, 1.3.0
50 Webware 0.8.1, CVS (2004-02-06)
51 WSGI run_with_cgi (PEP 333)
52 Zope 2.7.2-0, 2.8.0-final
53
54 New in WebStack 0.10 (Changes since WebStack 0.9)
55 -------------------------------------------------
56
57 Changes to make the tools/demo.py script work on Windows (and other) platforms
58 (suggested by Jim Madsen).
59 Fixed end of header newlines for CGI (suggested by Matt Harrison).
60 Minor documentation fixes and improvements, adding information on AOLserver in
61 the CGI and Webware notes.
62 Changed the mod_python server name method to use the server object rather than
63 the connection object.
64 Added a parameter to the ResourceMap.MapResource class to permit automatic
65 redirects into resource hierarchies when no trailing "/" was given in the URL;
66 changed the updated virtual path info so that empty values may be set (the
67 guarantee that "/" will always appear no longer applies).
68 Fixed virtual path info retrieval when the value is an empty string.
69
70 New in WebStack 0.9 (Changes since WebStack 0.8)
71 ------------------------------------------------
72
73 Standardised error handling in the adapters so that tracebacks can be
74 suppressed and an internal server error condition raised.
75 Added overriding of path info in transactions.
76 Added a ResourceMap resource for dispatching to different resources
77 according to path components.
78 Standardised deployment for some frameworks (see docs/deploying.html).
79 Introductory documentation in XHTML format.
80 Added server name and port methods to the transaction.
81 Added a simple demonstration application, incorporating many of the examples
82 and launched under a single script.
83 Fixed mod_python native sessions.
84 Fixed Zope request stream access.
85 WebStack is now licensed under the LGPL - see docs/COPYING.txt for details.
86
87 New in WebStack 0.8 (Changes since WebStack 0.7)
88 ------------------------------------------------
89
90 Added a standard exception, EndOfResponse, which can be used to immediately
91 stop the processing/production of a response; this is useful when resources
92 need to issue a redirect without unnecessary content being generated, for
93 example.
94 Fixed path information for Zope.
95 Added WSGI support.
96 Verified Twisted 1.3.0 support with Python 2.3.3.
97
98 New in WebStack 0.7 (Changes since WebStack 0.6)
99 ------------------------------------------------
100
101 Fixed path information semantics.
102 Fixed file upload semantics.
103 Fixed content type handling for Unicode output and for interpreting request
104 body fields/parameters (although some improvement remains).
105 Added a method to discover the chosen response stream encoding.
106 Fixed field/parameter retrieval so that path and body fields are distinct,
107 regardless of the framework employed.
108 Added a method to get a combination of path and body fields (suggested by
109 Jacob Smullyan).
110 Introduced Zope 2 support.
111 Improved Jython/Java Servlet API support (although a special PyServlet class
112 must now be used, and certain libraries must be deployed with applications).
113 Introduced authentication/authorisation support for Jython/Java Servlet API.
114 Session support has been added (except for Webware 0.8.1).
115 Alternative cookie support for mod_python has been added.
116 Cookie support now supports encoded Unicode sequences for names and values.
117
118 New in WebStack 0.6 (Changes since WebStack 0.5)
119 ------------------------------------------------
120
121 Introduced Jython/Java Servlet API support.
122 Minor fixes to example applications and to BaseHTTPRequestHandler.
123
124 New in WebStack 0.5 (Changes since WebStack 0.4)
125 ------------------------------------------------
126
127 Changed request body fields/parameters so that they are now represented
128 using Unicode objects rather than plain strings.
129 Introduced better support for Unicode in response streams.
130
131 New in WebStack 0.4 (Changes since WebStack 0.3)
132 ------------------------------------------------
133
134 Added application definition of user identity, permitting alternative
135 authentication mechanisms.
136 Improved BaseHTTPRequestHandler and mod_python reliability around fields
137 from request bodies.
138 Provided stream and environment parameterisation in the CGI adapter.
139 Added LoginRedirect and Login examples.
140 Added get_path_without_query and fixed get_path behaviour.
141
142 New in WebStack 0.3 (Changes since WebStack 0.2)
143 ------------------------------------------------
144
145 Added better header support for Webware (suggested by Ian Bicking).
146 Introduced CGI and Java Servlet support (the latter is currently
147 broken/unfinished).
148 Introduced support for cookies.
149
150 Future Work
151 -----------
152
153 (Essential)
154
155 JythonServlet libraries need to be configured using sys.add_package when
156 these do not feature in the compiled-in list. Adding such configuration to
157 the handler may be most appropriate (since the web.xml file can be too
158 arcane), but this needs testing.
159
160 (Important)
161
162 Things to consider for future releases: improved cookie support, redirects,
163 access to shared resources and much better documentation.
164
165 Field access needs testing, especially for anything using the
166 cgi.FieldStorage class, and the way file uploads are exposed should be
167 reviewed (currently the meta-data is not exposed). The acquisition of fields
168 from specific sources should be tested with different request methods - some
169 frameworks provide path fields in the body fields dictionary, others (eg.
170 Zope) change the fields exposed depending on request method.
171
172 Interpretation of path field encodings needs to be verified. Currently,
173 stray path fields are handled (eg. in WebStack.Helpers.Request) as being
174 ISO-8859-1, but it might be the case that some such fields might be
175 submitted as UTF-8.
176
177 Cookie objects need defining strictly, especially since the standard library
178 Cookie object behaves differently to mod_python (and possibly Webware)
179 Cookie objects. Moreover, the set_cookie_value method needs to provide
180 access to the usual cookie parameters as supported by the frameworks. The
181 standard library Cookie module has issues with Unicode cookie names (and
182 possibly values) - this is worked around, but it would be best to resolve
183 this comprehensively.
184
185 UTF-16 (and possibly other encodings) causes problems with HTML form data
186 sent in POST requests using the application/x-www-form-urlencoded content
187 type. This should be reviewed at a later date when proper standardisation
188 has taken place.
189
190 Session support, especially through WebStack.Helpers.Session, should be
191 reviewed and be made compatible with non-cookie mechanisms.
192
193 HeaderValue objects should be employed more extensively. Thus, the header
194 access methods may need to change their behaviour slightly.
195
196 Investigate the nicer functions in the cgi module, discarding the "magic"
197 stuff like FieldStorage.
198
199 WSGI support could demand that a special "end of headers" method be
200 introduced into WebStack, thus making response output more efficient (and
201 probably also for other frameworks, too).
202
203 The algorithm employed in the WebStack.Helpers.Auth.get_token function
204 should be reviewed and improved for better security.
205
206 Investigate proper support for HEAD, OPTIONS and other request methods.
207
208 Consider packages for different operating systems.
209
210 (Completed/rejected)
211
212 The location of deployed applications in the filesystem should be exposed to
213 those applications. (This is actually available in the __file__ module
214 variable.)
215
216 Path information should be consistent across all frameworks, and the "path
217 info" value should be meaningful. (This should now be correct.)
218
219 Release Procedures
220 ------------------
221
222 Update the WebStack/__init__.py __version__ attribute.
223 Change the version number and package filename/directory in the documentation.
224 Change code examples in the documentation if appropriate.
225 Update the release notes (see above).
226 Check the setup.py file and ensure that all package directories are mentioned.
227 Tag, export.
228 Generate the PyServlet classes.
229 Generate the API documentation.
230 Remove generated .pyc files: rm `find . -name "*.pyc"`
231 Archive, upload.
232 Upload the introductory documentation.
233 Update PyPI, PythonInfo Wiki, Vaults of Parnassus entries.
234
235 Generating the API Documentation
236 --------------------------------
237
238 In order to prepare the API documentation, it is necessary to generate some
239 Web pages from the Python source code. For this, the epydoc application must
240 be available on your system. Then, inside the WebStack directory, run the
241 apidocs.sh tool script as follows:
242
243 ./tools/apidocs.sh
244
245 Some warnings may be generated by the script, but the result should be a new
246 apidocs directory within the WebStack directory.