diff options
Diffstat (limited to 'app/static/doc/flask-docs/foreword.html')
-rw-r--r-- | app/static/doc/flask-docs/foreword.html | 198 |
1 files changed, 198 insertions, 0 deletions
diff --git a/app/static/doc/flask-docs/foreword.html b/app/static/doc/flask-docs/foreword.html new file mode 100644 index 0000000..8cf1096 --- /dev/null +++ b/app/static/doc/flask-docs/foreword.html @@ -0,0 +1,198 @@ + +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + + +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> + + <title>Foreword — Flask 0.8 documentation</title> + + <link rel="stylesheet" href="_static/flasky.css" type="text/css" /> + <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> + + <script type="text/javascript"> + var DOCUMENTATION_OPTIONS = { + URL_ROOT: '', + VERSION: '0.8', + COLLAPSE_INDEX: false, + FILE_SUFFIX: '.html', + HAS_SOURCE: true + }; + </script> + <script type="text/javascript" src="_static/jquery.js"></script> + <script type="text/javascript" src="_static/underscore.js"></script> + <script type="text/javascript" src="_static/doctools.js"></script> + <link rel="top" title="Flask 0.8 documentation" href="index.html" /> + <link rel="next" title="Installation" href="installation.html" /> + <link rel="prev" title="Welcome to Flask" href="index.html" /> + + + <link rel="apple-touch-icon" href="_static/touch-icon.png" /> + + <link media="only screen and (max-device-width: 480px)" href="_static/small_flask.css" type= "text/css" rel="stylesheet" /> + + </head> + <body> + <div class="related"> + <h3>Navigation</h3> + <ul> + <li class="right" style="margin-right: 10px"> + <a href="genindex.html" title="General Index" + accesskey="I">index</a></li> + <li class="right" > + <a href="installation.html" title="Installation" + accesskey="N">next</a> |</li> + <li class="right" > + <a href="index.html" title="Welcome to Flask" + accesskey="P">previous</a> |</li> + <li><a href="index.html">Flask 0.8 documentation</a> »</li> + </ul> + </div> + + <div class="document"> + <div class="documentwrapper"> + <div class="bodywrapper"> + <div class="body"> + + <div class="section" id="foreword"> +<h1>Foreword<a class="headerlink" href="#foreword" title="Permalink to this headline">¶</a></h1> +<p>Read this before you get started with Flask. This hopefully answers some +questions about the purpose and goals of the project, and when you +should or should not be using it.</p> +<div class="section" id="what-does-micro-mean"> +<h2>What does “micro” mean?<a class="headerlink" href="#what-does-micro-mean" title="Permalink to this headline">¶</a></h2> +<p>To me, the “micro” in microframework refers not only to the simplicity and +small size of the framework, but also the fact that it does not make much +decisions for you. While Flask does pick a templating engine for you, we +won’t make such decisions for your datastore or other parts.</p> +<p>For us however the term “micro” does not mean that the whole implementation +has to fit into a single Python file.</p> +<p>One of the design decisions with Flask was that simple tasks should be +simple and not take up a lot of code and yet not limit yourself. Because +of that we took a few design choices that some people might find +surprising or unorthodox. For example, Flask uses thread-local objects +internally so that you don’t have to pass objects around from function to +function within a request in order to stay threadsafe. While this is a +really easy approach and saves you a lot of time, it might also cause some +troubles for very large applications because changes on these thread-local +objects can happen anywhere in the same thread. In order to solve these +problems we don’t hide the thread locals for you but instead embrace them +and provide you with a lot of tools to make it as pleasant as possible to +work with them.</p> +<p>Flask is also based on convention over configuration, which means that +many things are preconfigured. For example, by convention, templates and +static files are in subdirectories within the Python source tree of the +application. While this can be changed you usually don’t have to.</p> +<p>The main reason however why Flask is called a “microframework” is the idea +to keep the core simple but extensible. There is no database abstraction +layer, no form validation or anything else where different libraries +already exist that can handle that. However Flask knows the concept of +extensions that can add this functionality into your application as if it +was implemented in Flask itself. There are currently extensions for +object relational mappers, form validation, upload handling, various open +authentication technologies and more.</p> +<p>Since Flask is based on a very solid foundation there is not a lot of code +in Flask itself. As such it’s easy to adapt even for lage applications +and we are making sure that you can either configure it as much as +possible by subclassing things or by forking the entire codebase. If you +are interested in that, check out the <a class="reference internal" href="becomingbig.html#becomingbig"><em>Becoming Big</em></a> chapter.</p> +<p>If you are curious about the Flask design principles, head over to the +section about <a class="reference internal" href="design.html#design"><em>Design Decisions in Flask</em></a>.</p> +</div> +<div class="section" id="web-development-is-dangerous"> +<h2>Web Development is Dangerous<a class="headerlink" href="#web-development-is-dangerous" title="Permalink to this headline">¶</a></h2> +<p>I’m not joking. Well, maybe a little. If you write a web +application, you are probably allowing users to register and leave their +data on your server. The users are entrusting you with data. And even if +you are the only user that might leave data in your application, you still +want that data to be stored securely.</p> +<p>Unfortunately, there are many ways the security of a web application can be +compromised. Flask protects you against one of the most common security +problems of modern web applications: cross-site scripting (XSS). Unless +you deliberately mark insecure HTML as secure, Flask and the underlying +Jinja2 template engine have you covered. But there are many more ways to +cause security problems.</p> +<p>The documentation will warn you about aspects of web development that +require attention to security. Some of these security concerns +are far more complex than one might think, and we all sometimes underestimate +the likelihood that a vulnerability will be exploited, until a clever +attacker figures out a way to exploit our applications. And don’t think +that your application is not important enough to attract an attacker. +Depending on the kind of attack, chances are that automated bots are +probing for ways to fill your database with spam, links to malicious +software, and the like.</p> +<p>So always keep security in mind when doing web development.</p> +</div> +<div class="section" id="the-status-of-python-3"> +<h2>The Status of Python 3<a class="headerlink" href="#the-status-of-python-3" title="Permalink to this headline">¶</a></h2> +<p>Currently the Python community is in the process of improving libraries to +support the new iteration of the Python programming language. While the +situation is greatly improving there are still some issues that make it +hard for us to switch over to Python 3 just now. These problems are +partially caused by changes in the language that went unreviewed for too +long, partially also because we have not quite worked out how the lower +level API should change for the unicode differences in Python3.</p> +<p>Werkzeug and Flask will be ported to Python 3 as soon as a solution for +the changes is found, and we will provide helpful tips how to upgrade +existing applications to Python 3. Until then, we strongly recommend +using Python 2.6 and 2.7 with activated Python 3 warnings during +development. If you plan on upgrading to Python 3 in the near future we +strongly recommend that you read <a class="reference external" href="http://lucumr.pocoo.org/2011/1/22/forwards-compatible-python/">How to write forwards compatible +Python code</a>.</p> +</div> +</div> + + + </div> + </div> + </div> + <div class="sphinxsidebar"> + <div class="sphinxsidebarwrapper"><p class="logo"><a href="index.html"> + <img class="logo" src="_static/flask.png" alt="Logo"/> +</a></p> + <h3><a href="index.html">Table Of Contents</a></h3> + <ul> +<li><a class="reference internal" href="#">Foreword</a><ul> +<li><a class="reference internal" href="#what-does-micro-mean">What does “micro” mean?</a></li> +<li><a class="reference internal" href="#web-development-is-dangerous">Web Development is Dangerous</a></li> +<li><a class="reference internal" href="#the-status-of-python-3">The Status of Python 3</a></li> +</ul> +</li> +</ul> +<h3>Related Topics</h3> +<ul> + <li><a href="index.html">Documentation overview</a><ul> + <li>Previous: <a href="index.html" title="previous chapter">Welcome to Flask</a></li> + <li>Next: <a href="installation.html" title="next chapter">Installation</a></li> + </ul></li> +</ul> + <h3>This Page</h3> + <ul class="this-page-menu"> + <li><a href="_sources/foreword.txt" + rel="nofollow">Show Source</a></li> + </ul> +<div id="searchbox" style="display: none"> + <h3>Quick search</h3> + <form class="search" action="search.html" method="get"> + <input type="text" name="q" /> + <input type="submit" value="Go" /> + <input type="hidden" name="check_keywords" value="yes" /> + <input type="hidden" name="area" value="default" /> + </form> + <p class="searchtip" style="font-size: 90%"> + Enter search terms or a module, class or function name. + </p> +</div> +<script type="text/javascript">$('#searchbox').show(0);</script> + </div> + </div> + <div class="clearer"></div> + </div> + <div class="footer"> + © Copyright 2010, Armin Ronacher. + Created using <a href="http://sphinx.pocoo.org/">Sphinx</a>. + </div> + </body> +</html>
\ No newline at end of file |