Albatross 1.01 released

Dave Cole
28 Oct 2002 12:48:39 +1100

Albatross is a small toolkit for developing highly stateful web

The toolkit has been designed to take a lot of the pain out of
constructing intranet applications although you can also use Albatross
for deploying publicly accessed web applications.

In slightly more than 2600 lines of Python (according to pycount) you
get the following:

  * An extensible HTML templating system similar to DTML including tags for:
    - Conditional processing.
    - Macro definition and expansion.
    - Sequence iteration and pagination.
    - Tree browsing.
    - Lookup tables to translate Python values to arbitrary template
  * Application classes which offer the following features:
    - Optional server side or browser side sessions.
    - The ability to place Python code for each page in a dynamically
      loaded module, or to place all page processing code in a single
  * The ability to deploy applications either as CGI or via mod_python
    by changing less than 10 lines of code.

The toolkit application functionality is defined by a collection of
fine grained mixin classes.  Nine different application types and five
different execution contexts are prepackaged, you are able to define
your own drop in replacements for any of the mixins to alter any
aspect of the toolkit semantics.

Application deployment is controlled by your choice of either cgi or
mod_python Request class.  It should be possible to develop a Request
class for FastCGI or Medusa to allow applications to be deployed on
those platforms with minimal changes.

Albatross comes with over 130 pages of documentation.  HTML, PDF and
PostScript formatted documentation is available from the toolkit

The toolkit homepage:

The Albatross mailing list subscription and archives:


* Prevent variables starting with an underscore from being merged into
  the context local namespace from request objects.  This prevents
  attackers spoofing variables such as __page__, and any user
  variables such as authentication data.

* Updated documentation to explain underscore prefixed names in
  execution context are protected from browser modification.


* Applied bugfix from Detlef Lannert - null attributes would raise a
  TypeError (for example: <al-img expr="..." alt="">).  Once fixed,
  this exposed another bug where an attribute with a null value would
  lose it's value altogether (XHTML requires attributes to have a
  value, null or otherwise).

* Exception text is now escaped before being sent to browser.

* The PageModuleMixin does not reload a page module if was previously
  loaded by unpickling the session.  This is to avoid a problem with
  new code in the Python 2.2 pickle/cPickle module which causes the
  following to fail.

      import pickle, copy
      o = copy._EmptyClass()
      pickle.dumps(o, 1)

* Pickling errors are now trapped by looking for the PickleError

* Bug prevented nameexpr from being used in <al-textarea> and

* Radio input was converting "value_attr" to str(), but not "value",
  which was causing the "checked" test to fail if value was anything
  but a string.  Also changed checkbox input to convert both to
  strings before doing the comparison.