Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Johannes Bauer 
On 23.05.2015 05:31, Michael Torrie wrote:

> Sigh. I blame this as much on the browser.  There's no inherent reason
> why a connection to a site secured with a self-signed certificate is
> insecure.

The problem is *not* that the certificate is self-signed.

It's that it's unknown previously to being encountered within the TLS
handshake. And that *does* make it inherently insecure.

Not algorithmically, obviously.  I can still do a DH-handshake with the
remote peer that will generate a shared secret no eavesdropper will
know. The browser just can't be sure that whoever it negotiated the DH
with is really the endpoint (i.e. the webserver). That is the problem.

I dislike CAs as much as the next guy. But the problem of distributing
trust is just not easy to solve, a TTP is a way out. Do you have an
alternative that does not at the same time to providing a solution also
opens up obvious attack surface?

Cheers,
Johannes

-- 
>> Wo hattest Du das Beben nochmal GENAU vorhergesagt?
> Zumindest nicht öffentlich!
Ah, der neueste und bis heute genialste Streich unsere großen
Kosmologen: Die Geheim-Vorhersage.
 - Karl Kaos über Rüdiger Thomas in dsa 
-- 
https://mail.python.org/mailman/listinfo/python-list

Extract email address from Java script in html source using python

2015-05-23 Thread savitha devi 
I am developing a web scraper code using HTMLParser. I need to extract
text/email address from java script with in the HTMLCode.I am beginner
level in python coding and totally lost here. Need some help on this. The
java script code is as below:

Re: Camelot a good tool for me

2015-05-23 Thread Chris Angelico 
On Sat, May 23, 2015 at 5:12 AM, Lele Gaifax  wrote:
> Chris Angelico  writes:
>
>> SQLAlchemy has its uses, and it does solve a number of
>> issues in reasonably clean ways, but I don't like a few of its facets,
>> including its peculiar way of doing foreign key relationships. (You
>> put a foreign key in the child, and you put a relationship in the
>> parent, which feels backwards.)
>
> You are conflating two different layers, core and ORM. ORM relationships can
> be declared either on the parent or on the child, it's up to your taste.

Not sure why that's distinguishable. If I have two tables like this:

Users:
id sequential primary key
name text

Tasks
id sequential primary key
owner integer
assignee integer

Both the owner and the assignee refer to the Users table; the owner is
a mandatory connection (every task was created by someone, who
initially owns it), and the assignee is an optional connection (a
newly-created task isn't assigned to anyone). With me so far? Okay.

Now, if I were to represent these tables in SQLAlchemy, obviously I
need to have foreign key relationships encoded in SQLAlchemy. But if
I'm to enforce these relationships on the underlying database, it's
equally obvious that I need foreign key constraints. I would expect
that a relationship encoded in SQLAlchemy should cause the creation of
a constraint in the database. They're fundamentally the same thing.

My point about backwards is that my tables here are declared in a
strict order: parent table, then child table. In the child table, a
constraint is created by saying "references Users", and the Users
table already exists. At no point is there ever a forward reference.
Code would look like this:

create table Users (id serial primary key, name text not null default '');
create table Tasks (id serial primary key, owner integer not null
references Users, assignee integer references Users);

But with SQLAlchemy, you have a tag in the Users table's definition
saying that it has a relationship with Tasks, as well as a foreign key
in Tasks stating the connection to Users. That violates "Define Before
Use", which isn't a strict policy, but it does feel a little bit
"dirty".

>> When magic works, it's great; but when anything goes wrong, it's harder to
>> see what happened.
>
> The same can be said of almost any upper layer in a software stack.

Precisely. All magic has to justify itself. Some can, easily. Some
can't. A lot is in the middle, where it's part of the tradeoffs.

>> Also, when does a transaction begin and end?
>
> When I need transactions (that is, when I'm changing the database) I'm very
> picky and use explicit begins, commits and rollbacks, so I don't recall
> experiencing that doubt.

That's all very well when you write your own code. Now try picking up
someone else's code. Or, for a mid-way concern, try explaining to a
junior developer how to make sure his transactions are right. With
psycopg2, it's easy enough to do this:

with conn, conn.cursor() as cur:
cur.execute("")
cur.execute("")

When the with block exits, the transaction is either committed (if all
went well) or rolled back (if an exception was raised). It's very
simple, easy to do, and easy to audit ("all SQL queries must be inside
a with block that grants a cursor", and possibly "cursor-granting with
blocks must not be nested").

>> If you session.commit() in the middle of iterating over a query, will it
>> break the query? What if you roll back? Can you see, instantly, in your
>> code?
>
> Why would you do that? Are you closing your files while you iterate them,
> without leaving the loop in some way at the same time?

There's advice out there on the internet that says that committing
periodically in the middle of a big job makes your code run faster.
It's from the PHP + MySQL school of thought, where the assumption is
that finishing is the most important thing, finishing quickly is a
close second, and guaranteeing correctness isn't even on the radar.
Now try coping with code that was written under that model.

Fortunately, I haven't actually seen anything quite like this in
SQLAlchemy. The worst I saw was a case where someone was iterating
over a query and performed another query, which did indeed break the
fetching of results. But the more magic you have, the less obvious
that is.

>> Even if the ORM layer is practically perfect in every way,
>> there's still value in learning SQL; for instance, if you drop to a
>> command-line interpreter like PostgreSQL's psql, or if you switch to
>> another language, or anything like that, it's helpful to know what's
>> going on under the covers. And if you have to know SQL anyway, the
>> advantage of the abstraction layer has to justify the cost of learning
>> an additional, not a replacement, API.
>
> No doubt on that. Working with SQLAlchemy is not an alterative to knowing SQL
> fairly well. SA does hide "details" (name quoting syntax, to mention one
> obvious detail), but does no

Re: Extract email address from Java script in html source using python

2015-05-23 Thread Chris Angelico 
On Sat, May 23, 2015 at 4:46 PM, savitha devi  wrote:
> I am developing a web scraper code using HTMLParser. I need to extract
> text/email address from java script with in the HTMLCode.I am beginner level
> in python coding and totally lost here. Need some help on this. The java
> script code is as below:
>
>

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Mark Lawrence 

On 22/05/2015 06:20, Cecil Westerhof wrote:

I am looking into using ipython instead of bash. But when I call a
python program from ipython PYTHONPATH is not set. So pythonscripts
that need a module through PYTHONPATH will not work.

I could do something like:
 !PYTHONPATH=~/Python/PythonLibrary python2 …

But I find that a little bit cumbersome. Is there a better way to do
it?



What makes you think this?  Have you tried:-

>>> import os
>>> os.environ['PYTHONPATH']
'C:\\Users\\Mark\\Documents\\Cash\\Python;C:\\Users\\Mark\\Documents\\MyPython'

That might be from the command line interpreter but it also works the 
same from iPython for me on Windows 8.1.


--
My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence

--
https://mail.python.org/mailman/listinfo/python-list

Re: need help with an accessibility prototype

2015-05-23 Thread Laura Creighton 
In a message of Fri, 22 May 2015 23:31:19 -0700, Ned Deily writes:
>Tcl/Tk 8.4 is quite old and no longer maintained; 8.6.x is current, 
>although 8.5.x is also still in use.
>
>http://www.tcl.tk/man/tcl8.6/TkCmd/keysyms.htm
>
> Ned Deily,
> n...@acm.org

Thank you Ned.  Old bookmark from when I needed this the last time --
sorry about that.  Do you know if you still need to use 8.5 if you are
on Mac OS? i.e.  is this page current?
https://www.python.org/download/mac/tcltk/

Laura
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Tim Daneliuk 
On 05/22/2015 11:11 PM, amber wrote:
> «»
> 
> On 22/05/2015 21:40, Tim Daneliuk wrote:
>>https://www.tundraware.com/TechnicalNotes/Python-Is-Middleware/
> Quoting that article
> «And no, you couldn't get a C based OS to do what TPF does even if you
> did have a couple hundred million dollars to redo it, »
> 
> Why couldn't a C based OS do what TPF does?
> 
> My understanding is that if the programming language is Turing-Complete,
> it can do anything that any other Turing-Complete language can do.  And
> that assembler is a Turing-Complete language.
> 
> jonathon
> 
> 
> 
> 


C could - in principle - do it.  As you point out, both are Turing Complete.
But, "in principle" is quite different than "in actual fact".  At the time
that article was written almost 15 years ago, the TPF systems in use
were running applications written in hand optimized assembly language on the
largest mainframes money could buy.  Everything about that environment was
optimized for speed - from partially populating disk surfaces to running the
thinnest possible operating system executive.  (In those days, TPF itself 
didn't 
even have memory protection, or at least, it was just being added as an OS
feature.)

The point is that it would have been nearly impossible technically to
rewrite all that in C and expect the same level of minimal path length/
max throughput.  Give the sheer transaction load on those machines, this
would have been a showstopper.

But that was then and this is now.  These days, much of that capability 
HAS been written in higher level languages because of scale-out architectures
and messaging/queuing middleware.  Instead of one very fast centralized 
cluster of mainframes, we see thousands of servers spreading the workload
and achieving much the same results.  This has it's own challenges.  Managing
a few things is harder than managing thousands of things. 

-- 

Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Tim Daneliuk 
On 05/22/2015 08:54 PM, Terry Reedy wrote:
> On 5/22/2015 5:40 PM, Tim Daneliuk wrote:
> 
>> Lo these many years ago, I argued that Python is a whole lot more than
>> a programming language:
>>
>> https://www.tundraware.com/TechnicalNotes/Python-Is-Middleware/
> 
> Perhaps something at tundraware needs updating.
> '''
> This Connection is Untrusted
> 
> You have asked Firefox to connect securely to www.tundraware.com, but we 
> can't confirm that your connection is secure.
> 
> Normally, when you try to connect securely, sites will present trusted 
> identification to prove that you are going to the right place. However, this 
> site's identity can't be verified.
> '''
> 

It's self signed - something done quite routinely on the net.

-- 

Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 11:12 CEST schreef Mark Lawrence:

> On 22/05/2015 06:20, Cecil Westerhof wrote:
>> I am looking into using ipython instead of bash. But when I call a
>> python program from ipython PYTHONPATH is not set. So pythonscripts
>> that need a module through PYTHONPATH will not work.
>>
>> I could do something like:
>> !PYTHONPATH=~/Python/PythonLibrary python2 …
>>
>> But I find that a little bit cumbersome. Is there a better way to
>> do it?
>>
>
> What makes you think this?  Have you tried:-
>
 import os
 os.environ['PYTHONPATH']
> 'C:\\Users\\Mark\\Documents\\Cash\\Python;C:\\Users\\Mark\\Documents\\MyPython'
>
> That might be from the command line interpreter but it also works
> the same from iPython for me on Windows 8.1.

That does not change anything. The modules are not found. Also not
when using %run.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Jon Ribbens 
On 2015-05-23, Michael Torrie  wrote:
> On 05/22/2015 10:10 PM, Ian Kelly wrote:
>> There is still some value in TLS with a self-signed certificate in 
>> that at least the connection is encrypted and can't be eavesdropped
>> by an attacker who can only read the channel, but there is no
>> assurance that the party you're communicating with actually owns the
>> public key that you've been presented.
>
> The same can be said of CA-signed certificates.

I think you are falling into the trap of believing that all things are
either perfect or they are worthless. CAs aren't perfect, but neither
are they worthless. A self-signed certificate, however, is worthless.

> The only way to know if the site is who they say they are is to know
> what the cert's fingerprint ought to be and see if it still is. I
> used to use a firefox plugin for this purpose, but certs for some
> major sites like even www.google.com change with such frequency that
> the utility of the plugin went away.

http://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Tim Chase 
On 2015-05-23 11:10, Jon Ribbens wrote:
> On 2015-05-23, Michael Torrie  wrote:
> > The same can be said of CA-signed certificates.
> 
> I think you are falling into the trap of believing that all things
> are either perfect or they are worthless. CAs aren't perfect, but
> neither are they worthless. A self-signed certificate, however, is
> worthless.

A self-signed certificate may be of minimal worth the *first* time you
visit a site, but if you return to the site, that initial
certificate's signature can be used to confirm that you're talking to
the same site you talked to previously.  This is particularly
valuable on a laptop where you make initial contact over a (I
hesitate to say "more secure") less hostile connection through your
home ISP.  Then, when you're out at the library, coffee-shop, or some
hacker convention on their wifi, it's possible to determine whether
you're securely connecting to the *same* site, or whether an attempt
is being made to MitM because the cert changed.

-tkc



-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Tim Daneliuk 
On 05/22/2015 11:49 PM, Chris Angelico wrote:
> When the information you're sharing is completely public,
> there's no point taking the overhead of encryption.


I disagree.  With two different ways to access data, the metadata about
when you do- and do not use an encrypted channel can be useful to
a snoopy third party.  For example, repressive governments might use
the fact of your connecting via https as a prima facie evidence you're
doing something subversive.  The argument for https everywhere is that this
sort of distinction becomes impossible to make and one less piece of metadata
is left around to misuse.


-- 

Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Tim Daneliuk 
On 05/23/2015 01:55 AM, Johannes Bauer wrote:
> On 23.05.2015 05:31, Michael Torrie wrote:
> 
>> Sigh. I blame this as much on the browser.  There's no inherent reason
>> why a connection to a site secured with a self-signed certificate is
>> insecure.
> 
> The problem is *not* that the certificate is self-signed.
> 
> It's that it's unknown previously to being encountered within the TLS
> handshake. And that *does* make it inherently insecure.
> 
> Not algorithmically, obviously.  I can still do a DH-handshake with the
> remote peer that will generate a shared secret no eavesdropper will
> know. The browser just can't be sure that whoever it negotiated the DH
> with is really the endpoint (i.e. the webserver). That is the problem.
> 
> I dislike CAs as much as the next guy. But the problem of distributing
> trust is just not easy to solve, a TTP is a way out. Do you have an
> alternative that does not at the same time to providing a solution also
> opens up obvious attack surface?
> 
> Cheers,
> Johannes
> 

Trust has context.  You're going to that site to read an article.  This
is rather different than, say, going somewhere to transact commerce or
move money.

I have been doing an experiment with tundraware.com to try out https
everywhere to see just what breaks and who squawks.  I've seen a number
of concerns like the ones on this thread.  Most interestingly, this
seems to be breaking the FreeBSD ports build mechanism for the ports
I'd previously contributed to the project.

This is a tough tradeoff.  If you don't run https, then your every interaction
with the website can be trivially monitored by a third party.   Even just
the metadata of when you do use https and when you do not can be useful
to an eavesdropper.  So, there is increasing thought that we should all just
run https everywhere all the time.  But then we run into the signing problem.
I am hoping that we will soon see free or inexpensive CAs to make that
problem go away.  See:

  https://www.eff.org/deeplinks/2014/11/certificate-authority-encrypt-entire-web



-- 

Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Chris Angelico 
On Sat, May 23, 2015 at 9:34 PM, Tim Chase
 wrote:
> A self-signed certificate may be of minimal worth the *first* time you
> visit a site, but if you return to the site, that initial
> certificate's signature can be used to confirm that you're talking to
> the same site you talked to previously.  This is particularly
> valuable on a laptop where you make initial contact over a (I
> hesitate to say "more secure") less hostile connection through your
> home ISP.  Then, when you're out at the library, coffee-shop, or some
> hacker convention on their wifi, it's possible to determine whether
> you're securely connecting to the *same* site, or whether an attempt
> is being made to MitM because the cert changed.

You can get the exact same benefit (knowing when the cert changes)
with an externally-signed cert too. How many people actually bother to
check?

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Thomas 'PointedEars' Lahn 
Chris Angelico wrote:

> […] My hobby-horse, Unicode, is a notable flaw in many languages - if you 
> ask the user for information (in the most obvious way for whatever 
> environment you're in, be that via a web browser request, or a GUI widget, 
> or text entered at the console), can it cope equally with all the world's 
> languages? What if you want to manipulate that text - is it represented as 
> a sequence of codepoints (Python 3), UTF-16 code units (JavaScript),

If only characters were represented as sequences UTF-16 code units in 
ECMAScript implementations like JavaScript, there would not be a problem 
beyond the BMP; see  
and others for details.

-- 
PointedEars

Twitter: @PointedEars2
Please do not cc me. / Bitte keine Kopien per E-Mail.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Marko Rauhamaa 
Johannes Bauer :

> I dislike CAs as much as the next guy. But the problem of distributing
> trust is just not easy to solve, a TTP is a way out. Do you have an
> alternative that does not at the same time to providing a solution
> also opens up obvious attack surface?

Here's an idea: an authentication is considered valid if it is vouched
for by the United States, China, Russia *and* the European Union. Those
governments are the only entities that would have the right to delegate
their respective certification powers to private entities. The
governments would also offer to certify anybody in the world free of
charge.


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Steven D'Aprano 
On Sat, 23 May 2015 10:33 pm, Thomas 'PointedEars' Lahn wrote:

> If only characters were represented as sequences UTF-16 code units in
> ECMAScript implementations like JavaScript, there would not be a problem
> beyond the BMP;

Are you being sarcastic?

This is Rhino:

js> var c = String.fromCharCode(65535); // in the BMP
js> print(c.charCodeAt(0));
65535

So far so good.

js> var c = String.fromCharCode(65536); // astral character
js> print(c.charCodeAt(0));
0

Can you name any ECMAScript implementation which correctly handles code
points in the supplementary multilingual planes?


By the way, for many years Python implemented Unicode as UTF-16 code units,
the so-called "narrow build":

py> c = unichr(65536)
Traceback (most recent call last):
  File "", line 1, in 
ValueError: unichr() arg not in range(0x1) (narrow Python build)

Let's try again:

py> c = u'\U0001'  # a single code point
py> len(c)
2


I'm not saying that it is impossible to have a correct Unicode implemention
using UTF-16, but I've never seen one.



-- 
Steven

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Chris Angelico 
On Sat, May 23, 2015 at 11:01 PM, Steven D'Aprano  wrote:
> I'm not saying that it is impossible to have a correct Unicode implemention
> using UTF-16, but I've never seen one.

I suspect this is partly because, if you're aiming for correct Unicode
semantics, UTF-8 offers everything that UTF-16 does and more. The only
reason to use UTF-16 is so you can pretend that UCS-2 is good enough.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Johannes Bauer 
On 23.05.2015 14:44, Marko Rauhamaa wrote:
> Johannes Bauer :
> 
>> I dislike CAs as much as the next guy. But the problem of distributing
>> trust is just not easy to solve, a TTP is a way out. Do you have an
>> alternative that does not at the same time to providing a solution
>> also opens up obvious attack surface?
> 
> Here's an idea: an authentication is considered valid if it is vouched
> for by the United States, China, Russia *and* the European Union. Those
> governments are the only entities that would have the right to delegate
> their respective certification powers to private entities. The
> governments would also offer to certify anybody in the world free of
> charge.

You propose that a set of multiple CA signatures (TTPs) is required and
that those CAs work for free.

Multiple problems with that.

Firstly, who is going to choose the TTPs? In your example you
arbitrarily chose four instances. Japan is missing from there, why?
Because you made arbitrary rules. Good luck convincing everyone
(especially the Japanese) that your choice is the "right" one. There is
never going to be agreement.

Secondly, any of the "chosen" TTPs can effectively DoS every other
country in your scenario. If the US and Russia have a conflict, each
party can become sloppy at their certifications and slow things down a
bit. Suddenly bank-of-russia.ru doesn't have a valid certificate
anymore, ooops.

Thirdly, the more TTPs you have, the less well the whole thing scales.
The whole idea of a trusted third party is that you can TRUST that party
and don't have to do additional checks (like checking agreement with
other TTPs).

Fourthly and lastly: How would this work? If I have a website running
https, how would I get my identity certified by Russia or China? I
should maybe mention that I speak neither Russian nor Chinese. And even
if I did or maybe if their CAs provided service in English, how would
they certify me? For personal identification purposes you often have to
appear in person, something that is impossible if you distribute the
scheme around the whole world.

All in all, the current CA system is shitty and has numerous problems,
but it's not like it's been designed by monkeys. Every alternative has
new problems, some of which may be even worse than the problems we have now.

Cheers,
Johannes

-- 
>> Wo hattest Du das Beben nochmal GENAU vorhergesagt?
> Zumindest nicht öffentlich!
Ah, der neueste und bis heute genialste Streich unsere großen
Kosmologen: Die Geheim-Vorhersage.
 - Karl Kaos über Rüdiger Thomas in dsa 
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Johannes Bauer 
On 23.05.2015 13:21, Tim Daneliuk wrote:

> Trust has context.  You're going to that site to read an article.  This
> is rather different than, say, going somewhere to transact commerce or
> move money.

Sure, for your site it doesn't really make a difference. And, as I said
before, having a self-signed CA certificate doing https is still WAY
better than not having it. Especially if you have PFS-only ciphersuites
configured (I didn't check, but you should if you're unsure). Because
this effectively means that you're protected against passive
eavesdropping, no matter what.

> So, there is increasing thought that we should all just
> run https everywhere all the time.  But then we run into the signing problem.
> I am hoping that we will soon see free or inexpensive CAs to make that
> problem go away.  See:

Running TLS everywhere is an awesome idea and I'm all for it. So good
that you've already made the switch :-)

But I don't think inexpensive CAs would make the signing problem go away.

I think the major flaw of the X.509 certificate PKI we have today is
that there's no namespacing whatsoever. This is a major problem, as the
Government of Untrustworthia may give out certifictes for google.de if
they wish to do so.

In my opinion, it would be great to have a suffix-option in X.509 (maybe
there's even an extension for this already and I'm not aware -
regardless, nobody is using it if there is such a thing). For example,
there'd be root certificates in the certificate store:

CA1: PF=.com signs -> CA2: PF=.google.com
CA3: PF=.de

So CA1 could give out certificates for
foo.com
www.google.com

And CA2 could give out certificates for
www.google.com

And CA3 could give out certificates for
google.de

But CA1 could never sign any .de domain webserver certificate. It would
only ever get more restrictive down the chain.

Sounds like it's trivial to implement, I wonder why it's not in place.
It must have some huge drawback that I can't think of right now.

Cheers,
Johannes


-- 
>> Wo hattest Du das Beben nochmal GENAU vorhergesagt?
> Zumindest nicht öffentlich!
Ah, der neueste und bis heute genialste Streich unsere großen
Kosmologen: Die Geheim-Vorhersage.
 - Karl Kaos über Rüdiger Thomas in dsa 
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Peter Otten 
Cecil Westerhof wrote:

> Op Saturday 23 May 2015 11:12 CEST schreef Mark Lawrence:
> 
>> On 22/05/2015 06:20, Cecil Westerhof wrote:
>>> I am looking into using ipython instead of bash. But when I call a
>>> python program from ipython PYTHONPATH is not set. So pythonscripts
>>> that need a module through PYTHONPATH will not work.
>>>
>>> I could do something like:
>>> !PYTHONPATH=~/Python/PythonLibrary python2 …
>>>
>>> But I find that a little bit cumbersome. Is there a better way to
>>> do it?
>>>
>>
>> What makes you think this?  Have you tried:-
>>
> import os
> os.environ['PYTHONPATH']
>> 'C:\\Users\\Mark\\Documents\\Cash\\Python;C:
\\Users\\Mark\\Documents\\MyPython'
>>
>> That might be from the command line interpreter but it also works
>> the same from iPython for me on Windows 8.1.
> 
> That does not change anything. The modules are not found. Also not
> when using %run.
 

That may be because ~ is not expanded.

Try

os.environ["PYTHONPATH"] = os.path.expanduser("~/Python/PythonLibary")


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Ned Batchelder 
On Saturday, May 23, 2015 at 9:01:29 AM UTC-4, Steven D'Aprano wrote:
> On Sat, 23 May 2015 10:33 pm, Thomas 'PointedEars' Lahn wrote:
> 
> > If only characters were represented as sequences UTF-16 code units in
> > ECMAScript implementations like JavaScript, there would not be a problem
> > beyond the BMP;
> 
> Are you being sarcastic?

IIUC, Thomas' point is that *characters* should be sequences of codepoints,
not that *strings* should be.

--Ned.

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Steven D'Aprano 
On Sat, 23 May 2015 10:44 pm, Marko Rauhamaa wrote:

> Johannes Bauer :
> 
>> I dislike CAs as much as the next guy. But the problem of distributing
>> trust is just not easy to solve, a TTP is a way out. Do you have an
>> alternative that does not at the same time to providing a solution
>> also opens up obvious attack surface?
> 
> Here's an idea: an authentication is considered valid if it is vouched
> for by the United States, China, Russia *and* the European Union. Those
> governments are the only entities that would have the right to delegate
> their respective certification powers to private entities.

An interesting mix of:

- one explicitly non-democratic one-party state;

- one nominally democratic but de facto autocratic state;

- one nominally democratic but de facto two-party corporatocracy;

- one supranational union of states;


If you gave them veto power over all certificate authorities (since you need
all four to agree, any of them can veto a CA), I'm not sure that they would
necessarily agree on *any* CAs. Especially since at least two of them would
be looking for any opportunity to subvert the system for the purposes of
espionage and mass surveillance.

I also don't see any reason why national governments would give up their
existing certification powers.


> The governments would also offer to certify anybody in the world free of
> charge.

Why would they do that?



-- 
Steven

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Steven D'Aprano 
On Sat, 23 May 2015 11:35 pm, Ned Batchelder wrote:

> On Saturday, May 23, 2015 at 9:01:29 AM UTC-4, Steven D'Aprano wrote:
>> On Sat, 23 May 2015 10:33 pm, Thomas 'PointedEars' Lahn wrote:
>> 
>> > If only characters were represented as sequences UTF-16 code units in
>> > ECMAScript implementations like JavaScript, there would not be a
>> > problem beyond the BMP;
>> 
>> Are you being sarcastic?
> 
> IIUC, Thomas' point is that *characters* should be sequences of
> codepoints, not that *strings* should be.

Like Python, Javascript/ECMAScript doesn't have a distinct character type,
it has strings which happen to be of length one. So I'm not sure I
understand the point you are trying to make.

There's also a bit of a problem in deciding what counts as a character. Is
IJ a single character, or two? The answer depends on whether you are Dutch
or not. Unicode punts on that decision, and leaves it up to the
application.

Unicode only concerns itself with code points, which are complex enough, and
generally programming languages follow Unicode (usually imperfectly). Each
code point (a.k.a. "character" if we're being sloppy) requires either one
or two 16-bit code units in UTF-16. I'm not sure that "1 or 2" counts as a
sequence.


-- 
Steven

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Extract email address from Java script in html source using python

2015-05-23 Thread savitha devi 
What I exactly want is the java script is in the html code. I am trying for
a regular expression to find the email address embedded with in the java
script.

On Sat, May 23, 2015 at 2:31 PM, Chris Angelico  wrote:

> On Sat, May 23, 2015 at 4:46 PM, savitha devi  wrote:
> > I am developing a web scraper code using HTMLParser. I need to extract
> > text/email address from java script with in the HTMLCode.I am beginner
> level
> > in python coding and totally lost here. Need some help on this. The java
> > script code is as below:
> >
> >

Re: Extract email address from Java script in html source using python

2015-05-23 Thread Joel Goldstick 
On Sat, May 23, 2015 at 10:15 AM, savitha devi  wrote:
> What I exactly want is the java script is in the html code. I am trying for
> a regular expression to find the email address embedded with in the java
> script.
>
> On Sat, May 23, 2015 at 2:31 PM, Chris Angelico  wrote:
>>
>> On Sat, May 23, 2015 at 4:46 PM, savitha devi  wrote:
>> > I am developing a web scraper code using HTMLParser. I need to extract
>> > text/email address from java script with in the HTMLCode.I am beginner
>> > level
>> > in python coding and totally lost here. Need some help on this. The java
>> > script code is as below:
>> >
>> >

Re: Extract email address from Java script in html source using python

2015-05-23 Thread Chris Angelico 
On Sun, May 24, 2015 at 12:15 AM, savitha devi  wrote:
> What I exactly want is the java script is in the html code. I am trying for
> a regular expression to find the email address embedded with in the java
> script.

Now you have two problems.

You can't write a regex that can interpret ECMAScript.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 15:25 CEST schreef Peter Otten:

> Cecil Westerhof wrote:
>
>> Op Saturday 23 May 2015 11:12 CEST schreef Mark Lawrence:
>>
>>> On 22/05/2015 06:20, Cecil Westerhof wrote:
 I am looking into using ipython instead of bash. But when I call
 a python program from ipython PYTHONPATH is not set. So
 pythonscripts that need a module through PYTHONPATH will not
 work.

 I could do something like:
 !PYTHONPATH=~/Python/PythonLibrary python2 …

 But I find that a little bit cumbersome. Is there a better way to
 do it?

>>>
>>> What makes you think this?  Have you tried:-
>>>
>> import os
>> os.environ['PYTHONPATH']
>>> 'C:\\Users\\Mark\\Documents\\Cash\\Python;C:
> \\Users\\Mark\\Documents\\MyPython'
>>>
>>> That might be from the command line interpreter but it also works
>>> the same from iPython for me on Windows 8.1.
>>
>> That does not change anything. The modules are not found. Also not
>> when using %run.
>
>
> That may be because ~ is not expanded.
>
> Try
>
> os.environ["PYTHONPATH"] =
> os.path.expanduser("~/Python/PythonLibary")

That is not the problem:
os.environ['PYTHONPATH']
gives:
.:/home/cecil/Python'

As I interpret it is that the very handy shell variable is not used in ipython.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Laura Creighton 
In a message of Sat, 23 May 2015 16:08:00 +0200, Cecil Westerhof writes:
>That is not the problem:
>os.environ['PYTHONPATH']
>gives:
>.:/home/cecil/Python'
>
>As I interpret it is that the very handy shell variable is not used in ipython.
>
>-- 
>Cecil Westerhof
>Senior Software Engineer
>LinkedIn: http://www.linkedin.com/in/cecilwesterhof

It's used around here.  But we all have to do:
export PYTHONPATH=${PYTHONPATH}:/usr/local/ipython/lib/python
in our .bashrc files -- or whatever you do if you don't use bash
to get things to work with ipython.

Is your problem that you are not getting one particular directory
loaded, or can you not find any modules at all?

Laura
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 17:00 CEST schreef Laura Creighton:

> In a message of Sat, 23 May 2015 16:08:00 +0200, Cecil Westerhof
> writes:
>> That is not the problem:
>> os.environ['PYTHONPATH']
>> gives:
>> .:/home/cecil/Python'
>>
>> As I interpret it is that the very handy shell variable is not used
>> in ipython.
>>
>> -- 
>> Cecil Westerhof
>> Senior Software Engineer
>> LinkedIn: http://www.linkedin.com/in/cecilwesterhof
>
> It's used around here.  But we all have to do:
> export PYTHONPATH=${PYTHONPATH}:/usr/local/ipython/lib/python
> in our .bashrc files -- or whatever you do if you don't use bash
> to get things to work with ipython.

But I would like to do the same in ipython. Otherwise it is not really
a good idea to switch from bash to ipython.


> Is your problem that you are not getting one particular directory
> loaded, or can you not find any modules at all?

Normal modules are loaded. Only the ones that are found trough
PYTHONPATH are not found.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Dynamic Import with sub module

2015-05-23 Thread Douglas Garstang 
All,

Can someone tell me how the following statement:

import slice_fablib_common.common as common

would be replicated with __import__ or import_module?

I'm using fabric and I want the module when imported to appear in the
namespace (which fabric shows as a task), in this case, as 'common.chef'.
With the import statement it works. However, I'm trying to load the modules
dynamically, and I just cannot work out what combination of options when
used with dynamic imports will get me to 'common.chef'.

When I get that to work, I'd like to go one step further as well. If I have
modules called slice_fablib_webapp.webapp.deploy and
slice_fablib_webapp.webapp.info, I'd like to import them as webapp.deploy
and webapp.info.

I suppose the webapp piece is a bit redundant. If I removed it, and ended
up with slice_fablib_webapp.deploy and slice_fablib_webapp.info, I'd like
to import them so that they still appear in fabric's name space as
webapp.deploy and webapp.info.

Thanks,
Doug.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Dynamic Import with sub module

2015-05-23 Thread Douglas Garstang 
Replying to my own message.

I just realised that even the case I thought would work, will not. :(

If I have:

import slice_fablib_common.common as common

I end up with fabric showing me these commands:

Available commands:

common.chef.report
common.chef.run Run the chef client.
common.chef.start   Start chef-client service.
common.chef.status  Show chef-client service status.
common.chef.stopStop chef-client service.

However, that's only because slice_fablib_common/common/__init__.py has
'import chef'. I need to be able to individually load sub-modules from
common. I'm essentially loading the entire package here because I need to
put an import for every sub module into __init__.py anyway. :(

Doug.

On Sat, May 23, 2015 at 9:03 AM, Douglas Garstang 
wrote:

> All,
>
> Can someone tell me how the following statement:
>
> import slice_fablib_common.common as common
>
> would be replicated with __import__ or import_module?
>
> I'm using fabric and I want the module when imported to appear in the
> namespace (which fabric shows as a task), in this case, as 'common.chef'.
> With the import statement it works. However, I'm trying to load the modules
> dynamically, and I just cannot work out what combination of options when
> used with dynamic imports will get me to 'common.chef'.
>
> When I get that to work, I'd like to go one step further as well. If I
> have modules called slice_fablib_webapp.webapp.deploy and
> slice_fablib_webapp.webapp.info, I'd like to import them as webapp.deploy
> and webapp.info.
>
> I suppose the webapp piece is a bit redundant. If I removed it, and ended
> up with slice_fablib_webapp.deploy and slice_fablib_webapp.info, I'd like
> to import them so that they still appear in fabric's name space as
> webapp.deploy and webapp.info.
>
> Thanks,
> Doug.
>
>


-- 
Regards,

Douglas Garstang
http://www.linkedin.com/in/garstang
Email: doug.garst...@gmail.com
Cell: +1-805-340-5627
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Peter Otten 
Cecil Westerhof wrote:

> Op Saturday 23 May 2015 15:25 CEST schreef Peter Otten:
> 
>> Cecil Westerhof wrote:
>>
>>> Op Saturday 23 May 2015 11:12 CEST schreef Mark Lawrence:
>>>
 On 22/05/2015 06:20, Cecil Westerhof wrote:
> I am looking into using ipython instead of bash. But when I call
> a python program from ipython PYTHONPATH is not set. So
> pythonscripts that need a module through PYTHONPATH will not
> work.
>
> I could do something like:
> !PYTHONPATH=~/Python/PythonLibrary python2 …
>
> But I find that a little bit cumbersome. Is there a better way to
> do it?
>

 What makes you think this?  Have you tried:-

>>> import os
>>> os.environ['PYTHONPATH']
 'C:\\Users\\Mark\\Documents\\Cash\\Python;C:
>> \\Users\\Mark\\Documents\\MyPython'

 That might be from the command line interpreter but it also works
 the same from iPython for me on Windows 8.1.
>>>
>>> That does not change anything. The modules are not found. Also not
>>> when using %run.
>>
>>
>> That may be because ~ is not expanded.
>>
>> Try
>>
>> os.environ["PYTHONPATH"] =
>> os.path.expanduser("~/Python/PythonLibary")
> 
> That is not the problem:
> os.environ['PYTHONPATH']
> gives:
> .:/home/cecil/Python'
> 
> As I interpret it is that the very handy shell variable is not used in
> ipython.
> 

I can't confirm that finding. For test purposes I created foo/bar/hello.py.
Then I verified that the hello.py module is not found when invoking the 
python3 interpreter from within ipython3.
Once I update os.environ["PYTHONPATH"] the module is successfully imported.
The complete session:

$ mkdir -p foo/bar
$ echo 'print("hello from foo/bar")' > foo/bar/hello.py
$ ipython3
Python 3.4.0 (default, Apr 11 2014, 13:05:11) 
Type "copyright", "credits" or "license" for more information.

IPython 1.2.1 -- An enhanced Interactive Python.
? -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help  -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: import hello.py
---
ImportError   Traceback (most recent call last)
 in ()
> 1 import hello.py

ImportError: No module named 'hello'

In [2]: import os

In [3]: !python3 -c 'import hello'
Traceback (most recent call last):
  File "", line 1, in 
ImportError: No module named 'hello'

In [4]: os.environ["PYTHONPATH"] = "foo/bar"

In [5]: !python3 -c 'import hello'
hello from foo/bar


If that's not what you want please explain in similar detail what you want 
to achieve and what you actually tried. Thank you.

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Marko Rauhamaa 
Steven D'Aprano :

> On Sat, 23 May 2015 10:44 pm, Marko Rauhamaa wrote:
>> Here's an idea: an authentication is considered valid if it is
>> vouched for by the United States, China, Russia *and* the European
>> Union. Those governments are the only entities that would have the
>> right to delegate their respective certification powers to private
>> entities.
>
> An interesting mix of:
>
> - one explicitly non-democratic one-party state;
> - one nominally democratic but de facto autocratic state;
> - one nominally democratic but de facto two-party corporatocracy;
> - one supranational union of states;

Yes, the same principles that make UN do a lot of good in the world
despite those shortcomings.

> If you gave them veto power over all certificate authorities (since
> you need all four to agree, any of them can veto a CA),

No, they wouldn't be able to veto a CA. At worst, they would be able to
refuse you a certificate. If they did that, they would risk being
dropped from the power pool.

>> The governments would also offer to certify anybody in the world free
>> of charge.
>
> Why would they do that?

They would have something to gain and something to lose:

 1. They would gain protection for their citizens and companies against
foreign MitM attacks.

 2. They would lose the power to perform MitM attacks on their own
citizens.

Unfortunately, the governments of the world fear their own citizens more
than each other, so they would likely not go with the kind of plan I
presented.

At the moment any sovereign government and sizeable criminal outfit can
cook up valid certificates for any website in the world. That's because
each CA is trusted completely.


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Extract email address from Java script in html source using python

2015-05-23 Thread Peter Pearson 
On Sat, 23 May 2015 12:16:06 +0530, savitha devi  wrote:
>
> I am developing a web scraper code using HTMLParser. I need to extract
> text/email address from java script with in the HTMLCode.

Would be be correct in suspecting that you are assembling a list
of email addresses for use in spamming?  After all, that is the
problem that motivates people to hide their email addresses behind
Javascript.

-- 
To email me, substitute nowhere->runbox, invalid->com.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Marko Rauhamaa 
Johannes Bauer :

> I think the major flaw of the X.509 certificate PKI we have today is
> that there's no namespacing whatsoever. This is a major problem, as
> the Government of Untrustworthia may give out certifictes for
> google.de if they wish to do so.

But you're fine with the Government of Germany, I take it? Or any
accredited German CA?

Even well-meaning CA's do a lousy job. I remember when I purchased a
domain certificate from a reputable CA. How did they verify I was a
rightful representative of the domain? They called the phone number I
had filled in the application form -- since somebody (me) picked up the
phone, they accepted my application as legitimate.

When an HTTPS URL is displayed with the green lock icon, all it means is
that someone has paid good money for the certificate.

> Sounds like it's trivial to implement, I wonder why it's not in place.
> It must have some huge drawback that I can't think of right now.

How would your scheme address .com, .net, .org etc?


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Terry Reedy 

On 5/23/2015 7:12 AM, Tim Daneliuk wrote:

On 05/22/2015 08:54 PM, Terry Reedy wrote:

On 5/22/2015 5:40 PM, Tim Daneliuk wrote:


Lo these many years ago, I argued that Python is a whole lot more than
a programming language:

 https://www.tundraware.com/TechnicalNotes/Python-Is-Middleware/



Perhaps something at tundraware needs updating.
'''
This Connection is Untrusted

You have asked Firefox to connect securely to www.tundraware.com, but we can't 
confirm that your connection is secure.

Normally, when you try to connect securely, sites will present trusted 
identification to prove that you are going to the right place. However, this 
site's identity can't be verified.
'''



It's self signed - something done quite routinely on the net.


I do not routinely see the message above.  In fact, it has been months. 
 I think the last time was a python.org site that *did* need updating. 
Hence the 'perhaps'. But maybe I do not get around to new sites often 
enough.


I went ahead and clicked through the warnings to read you somewhat 
prescient 13-year-old piece.


--
Terry Jan Reedy

--
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Chris Angelico 
On Sun, May 24, 2015 at 2:53 AM, Marko Rauhamaa  wrote:
> Steven D'Aprano :
>
>> On Sat, 23 May 2015 10:44 pm, Marko Rauhamaa wrote:
>>> Here's an idea: an authentication is considered valid if it is
>>> vouched for by the United States, China, Russia *and* the European
>>> Union. Those governments are the only entities that would have the
>>> right to delegate their respective certification powers to private
>>> entities.
>>
>> If you gave them veto power over all certificate authorities (since
>> you need all four to agree, any of them can veto a CA),
>
> No, they wouldn't be able to veto a CA. At worst, they would be able to
> refuse you a certificate. If they did that, they would risk being
> dropped from the power pool.

You start out by saying it's valid if vouched for by X, Y, Z., *and*
A. That means that if it's vouched for by X, Y, and A, but not Z, then
it's not valid. That gives Z the power to veto any certificate.
Correspondingly each of the others.

Alternatively, you could say that it's valid if vouched for by *any*
of your authorities... but then you have the same situation as
currently, where multiple authorities can create identical
certificates.

You could try for some kind of voting scheme, where it takes X/2+1
authorities to create a certificate (so you'd need three of your four,
or if you added a fifth (say Japan), then three out of the five); but
this just entails ridiculous overheads for uncertain benefit.

Also, there's one huge question outstanding: Since when should country
governments and the EU be in charge of any of this?

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 18:09 CEST schreef Peter Otten:

> Cecil Westerhof wrote:
>
>> Op Saturday 23 May 2015 15:25 CEST schreef Peter Otten:
>>
>>> Cecil Westerhof wrote:
>>>
 Op Saturday 23 May 2015 11:12 CEST schreef Mark Lawrence:

> On 22/05/2015 06:20, Cecil Westerhof wrote:
>> I am looking into using ipython instead of bash. But when I
>> call a python program from ipython PYTHONPATH is not set. So
>> pythonscripts that need a module through PYTHONPATH will not
>> work.
>>
>> I could do something like:
>> !PYTHONPATH=~/Python/PythonLibrary python2 …
>>
>> But I find that a little bit cumbersome. Is there a better way
>> to do it?
>>
>
> What makes you think this?  Have you tried:-
>
 import os
 os.environ['PYTHONPATH']
> 'C:\\Users\\Mark\\Documents\\Cash\\Python;C:
>>> \\Users\\Mark\\Documents\\MyPython'
>
> That might be from the command line interpreter but it also
> works the same from iPython for me on Windows 8.1.

 That does not change anything. The modules are not found. Also
 not when using %run.
>>>
>>>
>>> That may be because ~ is not expanded.
>>>
>>> Try
>>>
>>> os.environ["PYTHONPATH"] =
>>> os.path.expanduser("~/Python/PythonLibary")
>>
>> That is not the problem:
>> os.environ['PYTHONPATH']
>> gives:
>> .:/home/cecil/Python'
>>
>> As I interpret it is that the very handy shell variable is not used
>> in ipython.
>>
>
> I can't confirm that finding. For test purposes I created
> foo/bar/hello.py. Then I verified that the hello.py module is not
> found when invoking the python3 interpreter from within ipython3.
> Once I update os.environ["PYTHONPATH"] the module is successfully
> imported. The complete session:

I should have checked better. I think I found a bug that made it look
like PYTHONPATH does not work.

In bash I give:
echo $PYTHONPATH
this gives:
.:/home/cecil/Python/PythonLibrary

Then I start ipython3 and get/do the following:
Python 3.4.1 (default, May 23 2014, 17:48:28) [GCC]
Type "copyright", "credits" or "license" for more information.

IPython 2.2.0 -- An enhanced Interactive Python.
? -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help  -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: import os

In [2]: os.environ['PYTHONPATH']
Out[2]: '.:/home/cecil/Python'

And PYTHONPATH has a different value. That is why my module is not
found.

When I set PYTHONPATH to the correct value, everything works as
expected:
In [3]: os.environ['PYTHONPATH'] = '.:/home/cecil/Python/PythonLibrary/'

In [4]: !python2 postOnTwitter.py --used
Citation has 50 saved messages of 126:
[6, 55, 43, 82, 28, 116, 2, 50, 100, 5, 0, 122, 75, 51, 121, 60, 114, 13, 
102, 78, 31, 107, 73, 109, 54, 119, 72, 90, 89, 113, 118, 41, 11, 27, 48, 77, 
19, 111, 62, 98, 110, 9, 10, 115, 63, 15, 53, 101, 94, 92]

Tips has 30 saved messages of 94:
[20, 37, 7, 59, 45, 49, 40, 87, 79, 78, 31, 14, 15, 25, 84, 18, 91, 53, 8, 
35, 80, 92, 34, 42, 74, 69, 64, 22, 86, 62]

That begs the question: what is the reason for the corruption of
PYTHONPATH?

I already answered it partly myself. When I change PYTHONPATH in bash
and call ipython3 again, it has the same value as before, so it does
not take its value from the calling bash as I would expect.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Mark Lawrence 

On 23/05/2015 18:30, Cecil Westerhof wrote:


I should have checked better. I think I found a bug that made it look
like PYTHONPATH does not work.

In bash I give:
 echo $PYTHONPATH
this gives:
 .:/home/cecil/Python/PythonLibrary

Then I start ipython3 and get/do the following:
 Python 3.4.1 (default, May 23 2014, 17:48:28) [GCC]
 Type "copyright", "credits" or "license" for more information.

 IPython 2.2.0 -- An enhanced Interactive Python.


The latest iPython is 3.1.0.  Time to update?

--
My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence

--
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 19:30 CEST schreef Cecil Westerhof:

> I should have checked better. I think I found a bug that made it
> look like PYTHONPATH does not work.
>
> In bash I give:
> echo $PYTHONPATH
> this gives:
> .:/home/cecil/Python/PythonLibrary
>
> Then I start ipython3 and get/do the following:
> Python 3.4.1 (default, May 23 2014, 17:48:28) [GCC]
> Type "copyright", "credits" or "license" for more information.
>
> IPython 2.2.0 -- An enhanced Interactive Python. ? -> Introduction
> and overview of IPython's features. %quickref -> Quick reference.
> help -> Python's own help system. object? -> Details about 'object',
> use 'object??' for extra details.
>
> In [1]: import os
>
> In [2]: os.environ['PYTHONPATH']
> Out[2]: '.:/home/cecil/Python'
>
> And PYTHONPATH has a different value. That is why my module is not
> found.
>
> When I set PYTHONPATH to the correct value, everything works as
> expected: In [3]: os.environ['PYTHONPATH'] =
> '.:/home/cecil/Python/PythonLibrary/'
>
> In [4]: !python2 postOnTwitter.py --used Citation has 50 saved
> messages of 126: [6, 55, 43, 82, 28, 116, 2, 50, 100, 5, 0, 122, 75,
> 51, 121, 60, 114, 13, 102, 78, 31, 107, 73, 109, 54, 119, 72, 90,
> 89, 113, 118, 41, 11, 27, 48, 77, 19, 111, 62, 98, 110, 9, 10, 115,
> 63, 15, 53, 101, 94, 92]
>
> Tips has 30 saved messages of 94:
> [20, 37, 7, 59, 45, 49, 40, 87, 79, 78, 31, 14, 15, 25, 84, 18, 91,
> 53, 8, 35, 80, 92, 34, 42, 74, 69, 64, 22, 86, 62]
>
> That begs the question: what is the reason for the corruption of
> PYTHONPATH?
>
> I already answered it partly myself. When I change PYTHONPATH in
> bash and call ipython3 again, it has the same value as before, so it
> does not take its value from the calling bash as I would expect.

Well it was my fault again. Linux can run very long before you need to
restart it. I work with screen. Before PYTHONPATH was
.:/home/cecil/Python, but later on I changed it to
.:/home/cecil/Python/PythonLibrary. When starting a new shell, the
bash shell had the right value. But when starting ipython it got the
old value. Importing os is not even necessary:
Python 3.4.1 (default, May 23 2014, 17:48:28) [GCC]
Type "copyright", "credits" or "license" for more information.

IPython 2.2.0 -- An enhanced Interactive Python.
? -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help  -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: !python2 postOnTwitter.py --used
python2: can't open file 'postOnTwitter.py': [Errno 2] No such file or 
directory

In [2]: !python2 postOnTwitter.py --used
Citation has 50 saved messages of 126:
[6, 55, 43, 82, 28, 116, 2, 50, 100, 5, 0, 122, 75, 51, 121, 60, 114, 13, 
102, 78, 31, 107, 73, 109, 54, 119, 72, 90, 89, 113, 118, 41, 11, 27, 48, 77, 
19, 111, 62, 98, 110, 9, 10, 115, 63, 15, 53, 101, 94, 92]

Tips has 30 saved messages of 94:
[20, 37, 7, 59, 45, 49, 40, 87, 79, 78, 31, 14, 15, 25, 84, 18, 91, 53, 8, 
35, 80, 92, 34, 42, 74, 69, 64, 22, 86, 62]


Feeling a bit silly at the moment. >:-(


By the way I use python2 because the program uses a library that does
not work with python3.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Marko Rauhamaa 
Chris Angelico :

> On Sun, May 24, 2015 at 2:53 AM, Marko Rauhamaa  wrote:
>> Steven D'Aprano :
>>> If you gave them veto power over all certificate authorities (since
>>> you need all four to agree, any of them can veto a CA),
>>
>> No, they wouldn't be able to veto a CA. At worst, they would be able
>> to refuse you a certificate. If they did that, they would risk being
>> dropped from the power pool.
>
> You start out by saying it's valid if vouched for by X, Y, Z., *and*
> A. That means that if it's vouched for by X, Y, and A, but not Z, then
> it's not valid. That gives Z the power to veto any certificate.
> Correspondingly each of the others.

CA = certificate authority != certificate


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: PYTHONPATH when calling from ipython

2015-05-23 Thread Cecil Westerhof 
Op Saturday 23 May 2015 20:13 CEST schreef Mark Lawrence:

> On 23/05/2015 18:30, Cecil Westerhof wrote:
>>
>> I should have checked better. I think I found a bug that made it
>> look like PYTHONPATH does not work.
>>
>> In bash I give:
>> echo $PYTHONPATH
>> this gives:
>> .:/home/cecil/Python/PythonLibrary
>>
>> Then I start ipython3 and get/do the following:
>> Python 3.4.1 (default, May 23 2014, 17:48:28) [GCC]
>> Type "copyright", "credits" or "license" for more information.
>>
>> IPython 2.2.0 -- An enhanced Interactive Python.
>
> The latest iPython is 3.1.0.  Time to update?

Maybe. ;-)

Strange thing is that ipython (for python 2) uses 3.0.0. This is on
openSUSE 13.2. On Debian 8 both use 2.3.0.

-- 
Cecil Westerhof
Senior Software Engineer
LinkedIn: http://www.linkedin.com/in/cecilwesterhof
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Human Rights and Justice in Islam

2015-05-23 Thread hamilton 

On 5/23/2015 8:11 AM, bv4bv4...@gmail.com wrote:

Human Rights and Justice in Islam


Description: A glimpse at the foundations of human rights laid by Islam.
By islam-guide.com

Islam provides many human rights for the individual.  The following are some of 
these human rights that Islam protects.

The life and property of all citizens in an Islamic state


So if you are a Member of Islamic State you have rights, other wise you 
are an infidel and subject to death from the whim of Allah or whom ever 
thinks they are Allah.



Does that sound right ??

--
https://mail.python.org/mailman/listinfo/python-list

[RELEASE] Python 2.7.10

2015-05-23 Thread Benjamin Peterson 
The next bugfix release of the Python 2.7.x series, Python 2.7.10, has
been released. The only interesting change since the release candidate
is a fix for a regression in cookie parsing.

Downloads are available at:
  https://www.python.org/downloads/release/python-2710/

Report bugs at:
  https://bugs.python.org

Enjoy your 2 digit versions,
Benjamin
(on behalf of 2.7.10's contributors)
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: need help with an accessibility prototype

2015-05-23 Thread Ned Deily 
In article <201505230925.t4n9pnz8028...@fido.openend.se>,
 Laura Creighton  wrote:

> In a message of Fri, 22 May 2015 23:31:19 -0700, Ned Deily writes:
> >Tcl/Tk 8.4 is quite old and no longer maintained; 8.6.x is current, 
> >although 8.5.x is also still in use.
> >
> >http://www.tcl.tk/man/tcl8.6/TkCmd/keysyms.htm
> >
> > Ned Deily,
> > n...@acm.org
> 
> Thank you Ned.  Old bookmark from when I needed this the last time --
> sorry about that.  Do you know if you still need to use 8.5 if you are
> on Mac OS? i.e.  is this page current?
> https://www.python.org/download/mac/tcltk/

Yes, it is current.  Apple has not yet shipped a version of 8.6 with OS 
X, so the Apple-supplied Python in current OS X releases use 8.5; OS X 
10.5 and earlier systems shipped only with 8.4.  At the moment, the 
Pythons for OS X provided by python.org installers still use 8.5 for the 
10.6+ installers and 10.4 for the 10.5+ installers.  Some third-party 
distributors of Python and Tcl/Tk for OS X are now using 8.6, e.g. 
MacPorts.

-- 
 Ned Deily,
 n...@acm.org

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Extract email address from Java script in html source using python

2015-05-23 Thread Steve Hayes 
On Sat, 23 May 2015 19:01:55 +1000, Chris Angelico 
wrote:

>On Sat, May 23, 2015 at 4:46 PM, savitha devi  wrote:
>> I am developing a web scraper code using HTMLParser. I need to extract
>> text/email address from java script with in the HTMLCode.I am beginner level
>> in python coding and totally lost here. Need some help on this. The java
>> script code is as below:
>>
>>

mix-in classes

2015-05-23 Thread Dr. John Q. Hacker 
The post on "different types of inheritence..." brought up a thought.

Let's say, I'm adding flexibility to a module by letting users change class
behaviors by adding different mix-in classes.

What should happen when there's a name collision on method names between
mix-ins?  Since they're mix-ins, it's not presumed that there is any parent
class to decide.  The proper thing would seem to call each method in the
order that they are written within the parent class definition.

I suppose one can create a method in the parent class, that runs the mixin
methods in the same order as in the inheritance list, but would there be a
better way for Python to enforce such a practice so as not to create class
anarchy?  (A problem for another topic.)

zipher
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Michael Torrie 
On 05/23/2015 05:40 AM, Chris Angelico wrote:
> On Sat, May 23, 2015 at 9:34 PM, Tim Chase
>  wrote:
>> A self-signed certificate may be of minimal worth the *first* time you
>> visit a site, but if you return to the site, that initial
>> certificate's signature can be used to confirm that you're talking to
>> the same site you talked to previously.  This is particularly
>> valuable on a laptop where you make initial contact over a (I
>> hesitate to say "more secure") less hostile connection through your
>> home ISP.  Then, when you're out at the library, coffee-shop, or some
>> hacker convention on their wifi, it's possible to determine whether
>> you're securely connecting to the *same* site, or whether an attempt
>> is being made to MitM because the cert changed.
> 
> You can get the exact same benefit (knowing when the cert changes)
> with an externally-signed cert too. How many people actually bother to
> check?

Except that you won't be notified automatically.  A MitM attack nowadays
most often uses a valid certificate signed by a recognized (though
untrustworthy) CA.  Thus with a self-signed cert that you've previously
accepted, you'll immediate know of the MitM attack.  The odds of this
happening inside China, for example, is very high.  Wasn't that long ago
bogus google certificates (still valid) were found in the wild.
Eventually Firefox and Chrome revoked the CA cert, but only after it was
found out.


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Ah Python, you have spoiled me for all other languages

2015-05-23 Thread Michael Torrie 
On 05/23/2015 06:44 AM, Marko Rauhamaa wrote:
> Johannes Bauer :
> 
>> I dislike CAs as much as the next guy. But the problem of distributing
>> trust is just not easy to solve, a TTP is a way out. Do you have an
>> alternative that does not at the same time to providing a solution
>> also opens up obvious attack surface?
> 
> Here's an idea: an authentication is considered valid if it is vouched
> for by the United States, China, Russia *and* the European Union. Those
> governments are the only entities that would have the right to delegate
> their respective certification powers to private entities. The
> governments would also offer to certify anybody in the world free of
> charge.

Why trust governments?  Why not use peer-to-peer trust.  If I trust you
and you trust site X with a fingerprint of Y, then I should trust it
also.  Sadly though getting the unwashed masses educated enough to make
this work is impossible (like how PGP is pretty much dead).  Maybe it's
a harder problem than anyone can solve.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: mix-in classes

2015-05-23 Thread random832 
On Sat, May 23, 2015, at 21:53, Dr. John Q. Hacker wrote:

> What should happen when there's a name collision on method names between
> mix-ins?  Since they're mix-ins, it's not presumed that there is any
> parent
> class to decide.  The proper thing would seem to call each method in the
> order that they are written within the parent class definition.

The way C#/.NET does its nearest equivalent to this is to have this be
determined by what "mix-in" is in scope at the call site. That is, for
example, the mix-ins for IEnumerable defined in System.Linq.Enumerable
is only called if the System.Linq namespace has been imported.

IIRC, it's an error for there to be two with identical signatures, which
isn't an issue since you can simply explicitly call the method as
Enumerable.Whatever(foo) instead of foo.Whatever().

One could imagine a similar mechanism for python... object.__getattr__
could, if nothing is found in the dictionary or by an overridden
__getattr__ method, find the call site (construct a stack trace),
iterate through an __mixins__ list in the calling module, search each
mixin, in order (since it's a list, let's take advantage of it having an
order since we haven't got the static type system to do a lot of
sophisticated overload resolution), for a matching name. Ideally we'd
also have a mechanism for mixin methods to be able to raise
NotImplemented (or TypeError?) and have it continue down the list, but
any mechanism I can think of for this has the disadvantage that if any
of the mixins contains a matching callable it has to return a proxy
rather than immediately raising an error, even if none of them actually
works.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Extract email address from Java script in html source using python

2015-05-23 Thread VanguardLH 
Steve Hayes wrote:

> On Sat, 23 May 2015 19:01:55 +1000, Chris Angelico 
> wrote:
> 
>>On Sat, May 23, 2015 at 4:46 PM, savitha devi  wrote:
>>> I am developing a web scraper code using HTMLParser. I need to extract
>>> text/email address from java script with in the HTMLCode.I am beginner level
>>> in python coding and totally lost here. Need some help on this. The java
>>> script code is as below:
>>>
>>>