Simon Willison’s Weblog


96 items tagged “http”

2006

Don’t serve JSON as text/html. Another sneaky XSS trick.

# 5th July 2006, 11:46 pm / security, json, xss, http

2005

Fighting RFCs with RFCs

Google’s recently released Web Accelerator apparently has some scary side-effects. It’s been spotted pre-loading links in password-protected applications, which can amount to clicking on every “delete this” link — bypassing even the JavaScript prompt you carefully added to give people the chance to think twice.

[... 353 words]

2004

RFC 3229: Delta encoding in HTTP (via) A solution to the RSS bandwidth problem?

# 13th September 2004, 11:09 pm / rfc, http, rss

2003

The difference between POST and GET

How important is the ability to tell the difference between data sent by POST and data sent by GET (i.e. in the query string) when developing web applications? Some web frameworks (such as PHP) provide separate mechanisms for accessing POST and GET data. Others (such as Python’s cgi module) provide a single interface to form information that doesn’t distinguish between the two. I already have a strong opinion on this but I’m going to leave it open for discussion here for a bit before weighing in.

The Python Web SIG

Python now has a Web SIG. SIGs are Special Interest Groups, each with a target to develop and improve a certain aspect of the Python language, standard library or community. The Web SIG has two purposes: create a plan for improving Python’s web client abilities (including things like the ability to parse CSS) and work on improving Python’s server-side capabilities.

[... 289 words]

Python Client Libraries

Three really useful-looking Python modules: ClientForm, ClientTable and ClientCookie. ClientForm looks like it provides similar functionality to the form handling part of the WWW::Mechanize Perl module, discussed previously. It essentially provides a very simple interface for loading an HTML page, parsing out the form information, then filling in the form and submitting it back to the server. The author recommends it for automated testing (I’ve always had trouble figuring out how to link unit testing into web applications) but I’m sure it could be useful for screen scraping tools as well. ClientTable is an early beta of a powerful-looking table parser, and ClientCookie sits on top of the standard urllib library and transparently persists cookies in between requests.