Python December 2007 Archive

If you have not purchased it yet, check out OLPC's "Give One, Get One" campaign. The offer goes off on Monday. If you want to see some great ... Read More

Handling errors is one of the most important, fundamental parts of programming. Whether you plan for it or not, your web app will almost certainly see data for which ... Read More

Cross site scripting (XSS) is possible when the web application does not check user data but passes that same data back to the user in the form of a magic ... Read More

So-called magic URLs involve the passing of program or user data as part of the URL itself. The obvious problem here is that, unless one has stringent session management, ... Read More

Properly installed access controls provide answers to the question: Who accessed what when? If configured correctly, they can also indicate who attempted to access what when. All of ... Read More

If you are keeping up with Python 3000, be sure to check out the newly released alpha 2 version. Among the caveats that should be noted when using this ... Read More

You will recall that the One Laptop Per Child project (OLPC) is running a Give One, Get One campaign, giving developing countries laptops that run Python programs. If you ... Read More

As a rule, all user input must be treated with suspicion. It must be evaluated against a paradigm of what is expected to ensure aberrant data is not introduced. ... Read More

Web programming innately involves programming for security. But programming for security does not require a siege mentality. As Bruce Schneier notes in Secrets and Lies(prices), attackers need find only one ... Read More

With the latest step of the FTP guide posted, it is worth noting that all the ingredients are in place to make any of your programs P2P-friendly. Recall that ... Read More

If you have been following along on how to build an FTP client in Python, you will want to skip straight to the newest step in the series: Using binary ... Read More