[Chicago] Web Frameworks?
Massimo Di Pierro
mdipierro at cti.depaul.edu
Fri Aug 17 19:57:10 CEST 2007
Hi Adrian,
so far I have been using Django and I have thought Django. I find it
the most stable and easy to install framework.
I understand your argument about urls, I just think it should be
optional otherwise it makes a steeper learning curve.
About debugging, perhaps I did not express myself properly. I think
all errors should be logged. Errors should never be displayed to the
user unless the user identifies himself as the administrator. The
administrator could be identified by a password (and I see why you
object to it) and/or by a connection from localhost or a given
network domain. I just don't want people to be publish an application
and forget the debug=False flag. And I do not want that when they
turn off debug the administrator has no way to check whether a user
has an error. I am just asking for a built-in ticketing number. This
should be easy for Django since Django already has an excellent
administrative interface.
The only two things I do not like about Django are the urls and the
template language. This is not because they are not functional but
because, in my class, I have to teach Python and the template
languages does not feel like Python, so I have to teach that too.
Massimo
On Aug 17, 2007, at 11:48 AM, Adrian Holovaty wrote:
> Hi Massimo,
>
> I try not to get sucked into these sorts of subjective discussions
> anymore, but...what the heck.
>
> On 8/17/07, Massimo Di Pierro <mdipierro at cti.depaul.edu> wrote:
>> I do not like Django urls.py because they go in the direction of
>> duplicating
>> information instead of forcing users to follow good practice. For
>> example,
>> if I change name to a controller I also need to edit urls.py and
>> vice versa;
>> moreover I can have a form action with a different name than the
>> name of the
>> corresponding controller. This is very confusing to students.
>> CherryPy and
>> RoR instead enforce good practice. The ability to match arbitrary
>> URLs
>> should be optional and specified at the level of the controller
>> (perhaps
>> with a decorator).
>
> Decoupling URLs from the code that executes them is a good thing. This
> is a deliberate design decision. See the section "URLconfs and loose
> coupling" at http://www.djangobook.com/en/beta/chapter03/ for some
> reasoning.
>
>> there should not be a debug ON/OFF setting. There should be a
>> standard error
>> page that allows login as administrator. If administrator is
>> logged in he/she can see the
>> debug information.
>
> Whoa there! Not only is this a security problem, it's a usability
> problem. Site users should never be presented a link to "login as
> administrator." Could you imagine how ludicrous and unprofessional it
> would be if a Google or Yahoo error page, or perhaps your bank's Web
> site, displayed a "login as administrator" link?
>
> Adrian
> _______________________________________________
> Chicago mailing list
> Chicago at python.org
> http://mail.python.org/mailman/listinfo/chicago
More information about the Chicago
mailing list