durusmail: quixote-users: Call for applications
Call for applications
2002-08-30
Andrew Kuchling
2002-08-30
Titus Brown
2002-08-30
Patrick K. O'Brien
2002-09-04
Andrew Kuchling
2002-09-04
Greg Ward
2002-09-04
Neil Schemenauer
2002-09-04
Mike Watkins
2002-09-05
Greg Ward
2002-09-04
Neil Schemenauer
2002-09-04
Jonathan Corbet
2002-09-04
Greg Ward
2002-09-04
Titus Brown
2002-09-04
Jonathan Corbet
2002-09-04
Titus Brown
2002-09-04
Jonathan Corbet
2002-09-04
Andrew Kuchling
Adding access control code (was Re: Call for applications)
2002-09-04
Greg Ward
2002-09-04
Patrick K. O'Brien
Re: query string handling
2002-09-04
Andrew Kuchling
2002-08-30
Patrick K. O'Brien
Call for applications
Jonathan Corbet
2002-09-04
> That's a good question.  I don't think we have anything we want to
> add, or that we plan to refactor.  Is there any reason we shouldn't
> just stamp 1.0 on Quixote?

I think it's awfully close.  I don't have a huge amount of change I would
ask for, myself.

> I'm aware of one minor issue: HTTPRequest doesn't parse form values in
> the query string.

I'm confused - are you thinking of something in addition to
request.get_form_var()?  In the few cases where I've still wanted to use
query strings (usually "display N news items starting at OFFSET"),
get_form_var has been all I've really needed.

One thing I've been meaning to put together and send in: the form token
interface really needs an atomic "test and clear token" operation.
Otherwise, in a multi-threaded server environment, you can still get nailed
by the "they hit submit twice" problem.  If "submit" is charging something
to a credit card, you can't afford to let that happen...

Regarding Greg's thoughts on user authentication: if request.session.user
changes, I could end up with (another) cleanup job to do.  Best to do that
before 1.0 if you're going to - or wait for 2.0.

Hmm...it's Wednesday...I'm not supposed to be thinking about fun stuff like
this...

jon

Jonathan Corbet
Executive editor, LWN.net
corbet@lwn.net
reply