Re: Strategy to Verify Python Program is POST'ing to a web server.
On 18.06.2011 13:34, mzagu...@gmail.com wrote:
Hello Folks,
I am wondering what your strategies are for ensuring that data
transmitted to a website via a python program is indeed from that
program, and not from someone submitting POST data using some other
means. I find it likely that there is no solution, in which case what
is the best solution for sending data to a remote server from a python
program and ensuring that it is from that program?
For example, if I create a website that tracks some sort of
statistical information and don't ensure that my program is the one
that is uploading it, the statistics can be thrown off by people
entering false POST data onto the data upload page. Any remedy?
Include some hash check in hidden field.
For example, from your python program you will include hidden fields
random_number and hash:
import random, hashlib
my_secret_key = "MySecretKey"
random_number = "%f" % random.random()
hash = hashlib.sha1("%s %s" % (my_secret_key, random_number)).hexdigest()
On the server side check hash with random_number and secret key to
ensure the data is POSTed from your application.
--
www.vikendi.com -/- www.svimi.net
--
http://mail.python.org/mailman/listinfo/python-list
SCGIServer and unusal termination
Hi there, I'm playing with SCGIServer (http://vmlinux.org/cgi-bin/dwww/usr/share/doc/python-scgi/guide.html), everything works just fine, but one thing bothers me. All prints after try-except block are executed twice after the Ctrl+C is pressed! test.py: #- from scgi.scgi_server import SCGIServer n = 0 print "Starting server." try: SCGIServer().serve() except (KeyboardInterrupt, SystemExit): print "Exception!" # print lines are executed twice (?!) n += 1 print "Terminating server, attempt %d." % n n += 1 print "Check n: %d." % n #- This is the output: e...@sunce:~/data/project/ScgiServer/src> python test.py Starting server. ^CException! Exception! Terminating server, attempt 1. Check n: 2. Terminating server, attempt 1. Check n: 2. e...@sunce:~/data/project/ScgiServer/src> If I put something else in try-except block, code after is executed normally: try: while 1: pass except (KeyboardInterrupt, SystemExit): print "Exception!" e...@sunce:~/data/project/ScgiServer/src> python test.py Starting server. ^CException! Terminating server, attempt 1. Check n: 2. e...@sunce:~/data/project/ScgiServer/src> Environment is 64bit Ubuntu with Python v2.6.4. Is there some reasonable explanation for this behaviour? Thanks in advance. -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
Re: SCGIServer and unusal termination
Anyone? -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
Re: SCGIServer and unusal termination
Diez B. Roggisch wrote: Is there some reasonable explanation for this behaviour? Thanks in advance. I can only guess that SCGIServer does something to stdout. Your code isn't executed twice, so the doubling seems to come from writing it twice. Yes I know that code isn't executed twice since the value of n remains the same, only print lines are doubled. Try e.g. redirecting stdout and stderr to different files, and see if things appear once in both. Redirection of stdout: e...@sunce:~/data/project/ScgiServer/test> python test.py 1> output.txt ^ce...@sunce:~/data/project/ScgiServer/test> cat output.txt Starting server. Exception! Terminating server, attempt 1. Check n: 2. Starting server. Exception! Terminating server, attempt 1. Check n: 2. Redirecting stderr creates an empty file. I still haven't found the solution. -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
Re: SCGIServer and unusal termination
Diez B. Roggisch wrote: - save a reference to sys.stdout *before* invoking the server - compare to it after interruption. If it has changed, you at least know that somebody messed with it, and can beat him or whatever you see fit. Thanks for the help. Finally, I dropped python-scgi module and I wrote my own SCGI server. There was not only the problem with stdout, but one much serious which made it unusable to me. Every SCGI request was forked as a new process, without the ability to access the shared globals within the project. -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
Re: SCGIServer and unusal termination
Дамјан Георгиевски wrote: SCGIServer().serve() forks, so it seems that there are 2 python processes continuing to run after SCGIServer().serve() I noticed that which makes it unusable to me. Also, it took me almost whole day to realize this. I'm adopting a huge application to work with SCGI which shares a certain amount of data between working threads and SCGI handler. I couldn't realize the cause of erratic and unconsistent data behaviour. After diving into python-scgi code, I gave it up and wrote my own SCGI server. -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
Re: simple and fast platform independent IPC
On 03.02.2010 09:32, News123 wrote: Hi, I wondered what IPC library might be best simplest for following task? Consider using Thrift (http://incubator.apache.org/thrift/). It is multiplatform multilanguage RPC and IPC solution. I implemented it in couple of my projects and it works seamlessly. -- www.vikendi.net -/- www.supergrupa.com -- http://mail.python.org/mailman/listinfo/python-list
