[mod_python] Mod_python Security

Graham Dumpleton grahamd at dscpl.com.au
Fri Mar 3 03:31:52 EST 2006


On 03/03/2006, at 7:12 PM, marinus van aswegen wrote:

> Thanks guys, just what I was looking for. I suspect the safest way  
> to deploy my mod_python app is to ensure that all calls go through  
> one function via the publisher ...eg. cmd.py/<what ever cmd you want>.

Using publisher doesn't automatically mean it will be safer. In some
respects publisher makes it easier to inadvertently stuff things up
because it does a lot of things automagically. :-)

> I'd like to be able to detect if debugging is on via my cmd, so  
> that it will refuse to exec and return a page indicating that it's  
> down for maint. Is there a way from inside my script?

Not sure exactly what you mean here. If you are wanting a way to
determine if PythonDebug is set to On, use:

   if int(req.get_config().get("PythonDebug","0")):
      ...

> Next step is to sanitise input, I'm thinking of using a white list  
> of chars. Is there a way to ensure that all input will be non Unicode?

Again not sure exactly what you mean here. If you want to modify the
content of POST requests as it arrives, you could look at input filters.

Graham
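
The thread's three ideas combined, as an added example that is not part of the original post or of mod_python: a single dispatch function that refuses to run while PythonDebug is on, allow-lists command names, and accepts only ASCII whitelisted parameter values. `FakeRequest`, `dispatch`, the command names and the character set are hypothetical; the code is Python 3 and uses a constructed stand-in for the request object so it runs without Apache.

```python
import re

# ASCII-only whitelist. An explicit class is used because \w also matches
# non-ASCII letters and digits on str patterns in Python 3.
SAFE = re.compile(r"[A-Za-z0-9_.-]{1,64}")

class FakeRequest:
    """Constructed stand-in for the mod_python request object (sample input)."""
    def __init__(self, config):
        self._config = config
    def get_config(self):
        return self._config

def debug_enabled(req):
    """The PythonDebug check from the reply; unparseable values fail closed."""
    try:
        return bool(int(req.get_config().get("PythonDebug", "0")))
    except (TypeError, ValueError):
        return True

def cmd_status(args):   # hypothetical command
    return "ok"

def cmd_lookup(args):   # hypothetical command
    return "lookup:" + args.get("name", "")

# Only names listed here are callable; nothing is resolved from the URL itself.
COMMANDS = {"status": cmd_status, "lookup": cmd_lookup}

def dispatch(req, cmd, args):
    """Single entry point. Returns (http_status, body)."""
    if debug_enabled(req):
        return 503, "Down for maintenance."
    handler = COMMANDS.get(cmd)
    if handler is None:
        return 404, "Unknown command."
    for key, value in args.items():
        # fullmatch rather than match with "$", so a trailing newline is rejected.
        ok = all(isinstance(s, str) and SAFE.fullmatch(s) for s in (key, value))
        if not ok:
            return 400, "Invalid parameter."
    return 200, handler(args)
```

In a real deployment the publisher function would translate the returned status into the response; rejected input is never echoed back in the body.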

