Re: [Catalyst] New view: ICal?
A View is fine but because there is a format for files and it's natural to show/deliver content with a view. The view is going to be very THIN though. Basically nothing but a wrapper around what iCalendar really is which is data and therefore the Model domain. The view will essentially be Data::ICal->as_string + Content-Type => text/calendar + file disposition name something reasonable with a .ics or .ifb. I think the model should do all the heavy lifting. That allows it to be easily repurposed in other places, tools, and tests. I'm somewhat surprised no one has already done this. Casual searches look like maybe it's been solved before but not released to the CPAN. I was toying with a similar project years ago but never got the buy-in from the project leader. :P ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New design
On Tue, Jul 23, 2013 at 4:30 PM, David Dorward da...@dorward.me.uk wrote: On 23 Jul 2013, at 9:48, Mark Keating wrote: The nice chaps at Evozon have recently been making design mocks for a bunch of Perl sites and they have come up with a fresh look for Catalyst. Take a look and let me know what you guys think. Concur with some recent feedback. It's done nattily but it's incohesive, seems more targeted at HR and biz dev than software developers, and 2001 was approximately when Perl died and the movie makes me think of the 1960s, killer computers, and LSD, not MVC development for the future. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: Chained and exceptions
Blast from the past:
http://grokbase.com/t/sc/catalyst/077e7jhw9g/rfc-catalyst-plugin-errorout
On Thu, May 9, 2013 at 1:42 PM, Bill Moseley mose...@hank.org wrote:
On Thu, May 9, 2013 at 9:34 AM, Aristotle Pagaltzis pagalt...@gmx.dewrote:
* Bill Moseley mose...@hank.org [2013-05-09 15:30]:
What's the reasoning that chained actions continue to run after an
earlier exception?
Seems like an accident of the design to me, borderline bug.
Agreed. Seems like something that could be easily overlooked.
If like me you don’t like it, Catalyst::ActionRole::DetachOnDie
Oh, that's nice. Tricks for applying it globally?
I went the monkey patch route. Shield your eyes:
use Catalyst::ActionChain;
sub Catalyst::ActionChain::dispatch {
my ( $self, $c ) = @_;
my @captures = @{$c-req-captures||[]};
my @chain = @{ $self-chain };
my $last = pop(@chain);
foreach my $action ( @chain ) {
my @args;
if (my $cap = $action-number_of_captures) {
@args = splice(@captures, 0, $cap);
}
local $c-request-{arguments} = \@args;
$action-dispatch( $c );
* return if @{ $c-error }; # Patch*
}
$last-dispatch( $c );
}
--
Bill Moseley
mose...@hank.org
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive:
http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst and Java
On Wed, Oct 31, 2012 at 8:41 AM, Devin Austin devin.aus...@gmail.com wrote: On Wed, Oct 31, 2012 at 3:50 AM, Tim Anderson tja...@gmail.com wrote: I have a handful of java servlets that I would like to 'front-end' with my Catalyst application, essentially using Catalyst to provide authentication/authorization before passing along the browser requests to the servlet. Does anyone have experience with doing something like this? I'd appreciate any insight or direction. This would be fairly do-able if you used REST for inter-app communication. Or something like Message::Passing, which allows you to send a message to a queue, which could be subscribed to from both ends, thus allowing the apps to talk to each other. If the Catalyst app is acting as a proxy to the servlets, I would think you could do a pretty regular authentication/authorization/session set up with it and just pass along whatever other info you need to the servlets via the aforementioned means. Another approach worth considering is to wrap the servlets up in a model. This often takes a bit longer and more thinking in the set-up phase but will give you code that is easier to reuse in other places. I've done this kind of problem both ways and either is fine but I'd lean to the model. You would end up with something you could run with Catalyst/Flea/Mojolicious/in-line-plack-with-auth-middleware/command-line/whatever. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Plugin::Session lazy start
On Wed, May 23, 2012 at 1:58 AM, Dag-Erling Smørgrav d...@des.no wrote:
As an alternate solution, is there a way to have it use a different file
name every time it starts?
Here's a snippet to do that:
conf.yml
--
Plugin::Session:
storage: /tmp/some-prefix-__UID__.session
MyApp.pm
--
Plugin::ConfigLoader = {
substitutions = {
UID = sub { $ },
},
},
https://metacpan.org/module/Catalyst::Plugin::ConfigLoader
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Plugin::Session lazy start
On Wed, May 23, 2012 at 7:42 AM, Alexander Hartmaier
alexander.hartma...@t-systems.at wrote:
Because I've just read perlvar: $REAL_USER_ID or $UID instead of $.
I think this is generally excellent advice but I want to argue against
it in this case.
UID = sub { $ } is sufficiently semantic *and* edifying. E.g., Oh!
That's the special var for UID. It finally makes sense.
use English;
UID = sub { $UID } is redundant to point of being annoying and even
distracting (to me).
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Model Instances vs. Model Classes - Round 2
On Wed, Jul 20, 2011 at 7:00 AM, Alejandro Imass alejandro.im...@gmail.com wrote: On Wed, Jul 20, 2011 at 2:25 AM, Alejandro Imass alejandro.im...@gmail.com wrote: On Thu, May 19, 2011 at 7:06 PM, Benjamin Hitz h...@stanford.edu wrote: [...] I tried to make it as practical as possible: http://wiki.catalystframework.org/wiki/best_practices/models_definitive_guide Maybe others can complement with more M Patterns The Catalyst Wiki seems to be having some problems so i posted it on PM as well: http://www.perlmonks.org/?node_id=915657 You probably never saw it but I did a bunch of this a couple years ago. It's a bit old but contains a lot of good stuff anyway: http://sedition.com/a/2733 And the code with a couple other pieces I didn't really cover in the articles is here: https://github.com/pangyre/p5-myapp-10in10 ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Fatal errors in chained actions
On Fri, Apr 8, 2011 at 2:39 AM, Dami Laurent (PJ) laurent.d...@justice.ge.ch wrote: -Message d'origine- De : Ronald J Kimball [mailto:rkimb...@pangeamedia.com] Envoyé : jeudi, 7. avril 2011 20:11 À : The elegant MVC web framework Objet : [Catalyst] Fatal errors in chained actions I was surprised to discover that when a chained action throws a fatal error, Catalyst continues executing the remaining actions in the chain. Personally, I had assumed that each action in the chain could depend on the preceeding actions having been executed successfully. Hi Ronald, This point was discussed in 2008 : see http://lists.scsys.co.uk/pipermail/catalyst/2008-March/017748.html and the rest of the thread. It was actually discussed a year before that: http://lists.scsys.co.uk/pipermail/catalyst/2007-July/014507.html The idea suffered from similar lack of tuits at the time. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Unicode::Encoding - utf8 \xBA does not map to Unicode
On Sun, Mar 27, 2011 at 12:10 AM, Tomas Doran bobtf...@bobtfish.net wrote: On 13 Mar 2011, at 14:46, ryan lauterbach wrote: Even if the URL is inproperly formed I think Catalyst should handle it gracefully. I entirely agree with this. At the very least, we should serve a 400 (bad request) page in some way, rather than a 500 (internal server error). Can you log a bug in RT against the Unicode::Encoding plugin and reference this discussion? I think there's been an open ticket on this issue for a few months. I was a little surprised it hadn't got any attention but now I'm guessing you just never saw it: https://rt.cpan.org/Public/Bug/Display.html?id=62120 ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: How to get uri_for something with a fragment?
On Tue, Mar 8, 2011 at 8:44 AM, Ronald J Kimball rkimb...@pangeamedia.com wrote: On Tue, Mar 8, 2011 at 11:27 AM, Ashley Pond V a...@sedition.com wrote: Well, the original message was: How do I call uri_for_action and pass it the '#id' part? It's not an arg and it's not part of the query string. This is called the fragment identifier in the final URL. uri_for_action makes it implicit that he was seeking a server side use of the fragment. No, it does not. He was simply creating a URL, with a fragment, that will be included in the body of the response so the user can click on it in the browser. Oh. That's completely different. Never mind. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Best form library?
On Mon, Mar 7, 2011 at 8:15 AM, Devin Austin devin.aus...@gmail.com wrote: On Sun, Mar 6, 2011 at 2:52 PM, Roger Horne ro...@hrothgar.co.uk wrote: On Sunday 06 March 2011 20:52:04 Devin Austin wrote: FormFu is pretty awful in my opinion. Rose::HTML stuff isn't much better. As an amateur I would be interested to know why. When I started learning about Catalyst about a year ago, the Tutorial at FormFu doesn't make it easy to do a lot of things. Things like modifying the form after it's been created aren't very easy, and there were quite a few instances I had to add these sort of ludicrous call backs (recommended in the documentation) to get the functionality I wanted (populate a select box from the db, etc.) It's kludgy, and there are just better options out there. I'd like to see a start to finish example of the better options. Your criticism seems contradictory. You dislike callbacks because you prefer to write the form in code. I use FormFu and have no problem with it and there is ultimately no difference between doing things in config or in code, it's all code and rendering in the end and HTML forms and form processing is just a messy business no matter what you do. I find config files a very clean way to reuse parts of forms and fieldsets and such. Doing that with Roles or inheritance seems messier to me. The *only* thing I'm dissatisfied with in FormFu is the speed but since forms are such a small part of regular app traffic, it hasn't stopped me from using it. Carl's fast and caring responses to questions and bugfixes on the FormFu list are part of why I like it. I have been very curious about other approaches, including FormHandler but a casual read of the docs gives no compelling reason to switch and critiquing FormFu (FormFu is pretty awful in my opinion) without some kind of comparison/contrast and real examples is not really helpful. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] How to get uri_for something with a fragment?
On Mon, Mar 7, 2011 at 10:05 AM, John M. Dlugosz wxju46g...@snkmail.com wrote: On 3/7/2011 9:34 AM, Ronald J Kimball rkimball-at-pangeamedia.com |Catalyst/Allow to home| wrote: On Sun, Mar 6, 2011 at 6:46 AM, John M. Dlugoszwxju46g...@snkmail.com wrote: On 3/6/2011 5:28 AM, Andrew Rodland andrew-at-cleverdomain.org |Catalyst/Allow to home| wrote: Or, since you know that what it generates *doesn't* have a fragment you could always just $c-uri_for_action(...) . '#id' which will be perfectly valid (although no longer a URI object). I considered that a hack until I knew better, since it won't work if there are query arguments. Why won't it work if there are query arguments? Seems correct to me. Using the fragment is probably a bad idea. It's not supported by all servers so it can end up lost on the backend depending on your setup. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] How to get uri_for something with a fragment?
On Mon, Mar 7, 2011 at 12:34 PM, Ronald J Kimball rkimb...@pangeamedia.com wrote: On Mon, Mar 7, 2011 at 3:25 PM, John M. Dlugosz wxju46g...@snkmail.com wrote: On 3/7/2011 1:35 PM, Ashley Pond V apv-at-sedition.com |Catalyst/Allow to home| wrote: Using the fragment is probably a bad idea. It's not supported by all servers so it can end up lost on the backend depending on your setup. I've never heard of a web server that didn't have fragments. I link to anchors all the time! No, really, that's meaningless. Fragments are handled by the user agent, not by the server. What Ronald said + the #fragment is not passed along in the available ENV with some servers and setups. In these cases it doesn't exist as far as the backend is concerned. If you rely on it for dispatch, you may get burned. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: How to get uri_for something with a fragment?
2011/3/7 Adam Sjøgren a...@koldfront.dk: On Mon, 7 Mar 2011 13:01:42 -0800, Ashley wrote: What Ronald said + the #fragment is not passed along in the available ENV with some servers and setups. In these cases it doesn't exist as far as the backend is concerned. If you rely on it for dispatch, you may get burned. Uhm, the _browser_ handles fragments. Browsers don't send them to the server _at all_. Nice. I didn't want to blanket it with a 100% of the time in all clients/servers this won't work because I was not sure. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] What text editor to use?
Let's end this thread; 23 messages is enough and the topic is barely more relevant to Catalyst than What kind of lunch should I have? ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Simple literal Model
On Fri, Feb 25, 2011 at 9:22 PM, John M. Dlugosz wxju46g...@snkmail.com wrote:
On 2/25/2011 9:30 AM, Ashley Pond V apv-at-sedition.com |Catalyst/Allow to
home| wrote:
What t0m suggested is perfectly fine but if you want to mimic the DBIC
API with a different engine, this example does that (superficially and
as a tutorial only): http://sedition.com/a/2739 Log file model–Apache
access log. The reason that example makes sense is because the
underlying model/data is similar: searchable, sortable rows. If you're
trying to shoehorn in something dissimilar, you might be making a
mistake.
-Ashley
I'm not sure to what extent it is wise or correct.
The whole point of models is that it abstracts the model and I can change
where the data comes from later, right? So don't they all have an
underlying abstract interface regardless of how they are sourced?
Well, models just differ. DOM, relational, even hash and array with
all their similarity need some minor acrobatics if they are to be
treated alike. You can make an API to attempt to unify all the
possible data models but that would create an artificial complexity
much harder to track and work with.
This hits a sore spot for me. I've seen what I take to be a sort of
purity of MVC just about kill projects and make them incredibly
painful to work on. The layers are to make work easier, testable,
quicker, delegated, etc, not to achieve some fantasy where the
templates from a Cat app can be plugged into Rails or Django without
modification.
The examples I've read using DBIC use
[% WHILE ( item = list.next) %]
and I can imagine that in general we don't have efficient random access to
the rows; in C++ I would characterize this as a forward iterator or even
weaker, if I can't make a copy of the earlier state and go forward a second
time.
I would have hoped that the TT [% FOREACH %] directive would work here.
That seems like the natural means of abstracting the list. That is, the
controller can set anything into the stash that FOREACH knows how to handle,
including a plain Perl array.
The API for that in DBIC+TT would look like [% FOR record IN
list.all() %] or list.search({contraints...},{rows=max_rows}) or
list.search_related() etc, etc. The idioms are mostly the same in
TT as plain Perl. for can't recursively call an iterator any more
than while can unroll a list.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Simple literal Model
On Fri, Feb 25, 2011 at 2:27 AM, John M. Dlugosz wxju46g...@snkmail.com wrote:
On 2/25/2011 4:06 AM, Tomas Doran bobtfish-at-bobtfish.net |Catalyst/Allow
to home| wrote:
__PACKAGE__-meta-make_immutable;
1;
And you then call $c-model('Foo')-data;
The implementation of the 'data' method could then later be replaced by an
attribute (i.e. has data = ( is = 'ro', isa = 'HashRef' );), and would
then get the data from config, or something more complex (e.g. to get the
data out of DBI, or another model, or whatever).
HTH
Cheers
t0m
Thanks. Is '$c-model('Foo')-data' what something like DBIC gives us, too?
That is, is a method named 'data' the convention? That is, if code was
given a result set (I think that is the right term) of a query that was
made on one of the main standard model types, what would the list of records
look like?
What t0m suggested is perfectly fine but if you want to mimic the DBIC
API with a different engine, this example does that (superficially and
as a tutorial only): http://sedition.com/a/2739 Log file model–Apache
access log. The reason that example makes sense is because the
underlying model/data is similar: searchable, sortable rows. If you're
trying to shoehorn in something dissimilar, you might be making a
mistake.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)
On Mon, Feb 21, 2011 at 6:11 AM, will trillich will.trill...@serensoft.com wrote: That's a neat trick -- hadn't heard of that one before. But the javascript isn't our nonsecure-items problem. Protocol free // isn't a javascript specific technique while we're on it. It simply means use the protocol that's currently in action. It will work for images and such as well as long as your server can send them secured. This technique was gaining traction 10 years ago but doesn't seem to get much use today. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Transferring control via root/auto
On Wed, Dec 8, 2010 at 6:59 AM, Larry Leszczynski lar...@emailplus.org wrote: In situations like this I find this flow diagram helpful: http://dev.catalystframework.org/attachment/wiki/WikiStart/catalyst-flow.png but I admit I am also not totally clear about how detach/go fit in... Maybe someone has an updated diagram (or can update this one)? I did that diagram a loong time ago (2006?). I'd be glad to amend it and I can see obvious changes it needs but I'd probably need input from core devs to round it out perfectly. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Which Form Validation Libs?
HTML::FormHandler Chiming in: FormHandler has been getting the most questions lately, IIRC, but I suspect FormFu is more often used. It has its own excellent mailing list (made excellent by the main dev, Carl Franks, who is very responsive and helpful) so the questions don't tend to end up here. Except for speed (it's quite slow) I like it very well and it has excellent hooks/extensions for DBIC. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] C::E::HTTP::PreFork deployment
On Tue, Nov 30, 2010 at 7:04 AM, Edmund von der Burg e...@ecclestoad.co.uk wrote: Hello, Currently I run several Catalyst apps under lighttpd using fastcgi. I'd like to switch to them being HTTP::Prefork. A very incomplete answer but I'd suggest adding PSGI/Starman to the list of things you look at. It's HUPable for restarts though I don't think anyone has written a file-watcher style hook to do that (yet) and can have workers added and removed with signals. With things like Plack::Builder you can make all kinds of tremendously powerful deployment choices pretty simple. I have a stub git repo for a starman service script: https://github.com/pangyre/p5-cat-starman-daemon (there is nothing there now but I do have a good skeleton that isn't committed/pushed. I was hoping to round out / generalize it in time for an advent entry. As well as a P::Builder thing... anyone seen my tuits? They were round, once. -ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Wrong Content-Length value
On Wed, Sep 8, 2010 at 2:30 PM, Bill Moseley mose...@hank.org wrote: On Wed, Sep 8, 2010 at 2:16 PM, Nicholas Wehr catal...@bionikchickens.com wrote: so which engine and version are you using? apache? built-in http? fastcgi? Apache, but that message is in Catalyst::Engine parent class. FWIW, this was plaguing me in FastCGI too. I got around it there by running the script with env, --unset=HTTP_CONTENT_LENGTH. It's been months though and whatever understanding of the issue I had gained, I've since lost. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] TheSchwartz - Catalyst::Model::Adaptor
On Sat, Aug 7, 2010 at 9:26 AM, gor...@gorste.plus.com wrote:
I am writing a job queuing system in catalyst. I have found an example of
a job queuing examples that uses TheSchwartz and catalyst through
Catalyst::Model::Adaptor. Currently it uses Sqlite, I need to use MySQL,
for me to do this I need to create TheSchwartz with augments like
I haven't played with your sample at all, or looked at the stuff much
in a year, but MySQL should actually be easier than SQLite and you
dropped the mange_args sub which is probably relevant. Try adding it–
sub mangle_arguments { %{$_[1]} }
http://sedition.com/a/2742
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] rich ajax UI component libraries for Catalyst?
On Mon, Jul 26, 2010 at 10:53 AM, Jason Kohles em...@jasonkohles.com wrote: Unless you are referring to the old licensing scheme (which went away some time ago) then discouraging ExtJS use because of it's license is absurd, as the license is GPL. They do have a commercial license available as an option, but you only need that if you want to distribute ExtJS as part of your application and are not prepared to do it under the terms of the GPL. Not wanting to distribute under the GPL is not uncommon and while one might argue it's not the Right Way(tm), I don't think there is a good argument for it being absurd. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst::Authentication::Credentials::OpenID, extensions and Config::General
On Thu, Jul 8, 2010 at 2:22 PM, Adam Sjøgren a...@koldfront.dk wrote: The example given in Config::General format in the CONFIGURATION section of the Catalyst::Authentication::Credentials::OpenID doesn't seem to yield the structure that is expected by the module. If you, or anyone, provides a better example, I'll gladly add it. I'm not familiar with Config::General (the example config is from a patch). -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Alternatives to DBIx?
On Apr 17, 2010, at 7:59 AM, John Karr wrote: Thanks Lyle and Ovid for your responses, both SQL::DB and Fey::SQL look like saner approaches, and I will take them both for a test drive. I also liked the article Lyle referenced. -Original Message- From: Lyle [mailto:webmas...@cosmicperl.com] Sent: Saturday, April 17, 2010 9:36 AM To: The elegant MVC web framework Subject: Re: [Catalyst] Alternatives to DBIx? Personally I think DBIx::Class is the biggest load of crock out there. It's much slower, awkward to use, time consuming to learn, and as soon as you try to do some complicated queries you'll end up dropping it anyway. ORMs simply cannot work in the long run:- http://www.codinghorror.com/blog/2006/06/object-relational-mapping-is-the-vi etnam-of-computer-science.html Just to put it out there -- I think for every dev who has arrived at this conclusion there are more who think DBIx::Class and Rose::DB and friends are wonderful. DBIC does have one caveat that can make it bad a choice: it requires some rigor in your database schema. Broken, bad, goofy DB relationships make DBIC a poor choice because you might have to resort to crazy code to make things work. If your schema is sane, everything, even extremely complicated queries are generally easy (after you get ramped up, it does have a learning curve). Of course you can use straight DBI etc and if it's what you're used to it will be much faster at first. The main issue is that you'll get templates or controllers littered with shims, iterators, raw SQL etc. You could of course start pushing it back into the model yourself but what that'll be doing is slowly reinventing one of the other ORMs but much less well. This is basically every Perl developer has to write his own templating language once to learn why it's such a bad, part 2. You'll have to learn a lot either way. The Stone Soup of rolling it yourself is seductive and seems easier but taken as a whole it is most certainly not. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Alternatives to DBIx?
On Apr 17, 2010, at 7:31 PM, Lyle wrote: J. Shirley wrote: If your developers cost less than your servers, raw DBI is probably a quite adequate solution. Glad someone is doing it, because I wouldn't touch those jobs All depends. If you're product is to go to hundreds of customers, then the cost of them all having to buy high end servers if much more than the developer time. Plus a lot of them won't buy if it means a server upgrade. Like I said it all depends on the what kind of websites you are working on, or what your customers expect. There are lots of different angles on these things. Don't get me wrong, when I free lance I have to do Cat/DBIC/ Whatever, doesn't mean I enjoy or agree with it. I have had several Cat apps on an $8/month host for several years now. Catalyst apps don't need high end (though they do usually need a persistent execution of some kind; modperl, fastcgi, etc; RoR and some PHP stuff having the same need has helped get fastcgi on many budget hosts). Just appending that to the thread for anyone who comes in to read this and gets the impression that anything else is true. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst benchmark 5.7 vs 5.8 - new test
Possibly related anecdote. My main personal app went from 5 second start ups to start ups of well over a minute when I went from 5.7 to 5.8. I had a handful of Controller and Model classes in which I had written test code and then removed it all so they looked something like- package MyApp::Controller::Stuff; 1; __END__ Tons of code that was deemed too dangerous or experimental for production but I want to keep in this package for when I finally sort it out... The test server reminded me about them with warnings. I removed them (I *think* that's all I did) and startups went back to normal. Still quite a bit slower but not astronomically slower. On Sep 29, 2009, at 3:42 PM, Oleg Pronin wrote: i meant 100 resultsources+controllers :-) not models 2009/9/30 Tomas Doran bobtf...@bobtfish.net: On 29 Sep 2009, at 22:12, Oleg Pronin wrote: 5.8 !!TWICE!! slower at startup than 5.7 under any perl version. This is annoying because i have 100 models and i do not want to wait 10 secs while it is starting in debug. Patches welcome to optimise things for your wacky use-case given appropriate NYTProf blame. Cheers t0m ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Testing Web 2 cat apps
On Sep 12, 2009, at 10:53 AM, Lyle wrote: Hi All, So far all the Catalyst testing I've done has been with WWW::Mechanize. I'm just writing tests for a Catalyst component I've written that only produces one TT view, everything else is done with JQuery/AJAX/ JSON. It would be nice to test all the JQuery from the Perl test suite... But how? If there isn't a good way to do it from the Perl tests, then what is the strategy for automated testing of JQuery code in Catalyst apps? Selenium + Perl. It executes the tests within a running browser. Requires Java to run the browser controller (the Selenium server). There is a sweet IDE plugin for Firefox for writing the tests. Google around for it. There are many examples, docs, and supporting modules. http://search.cpan.org/search?query=seleniummode=all -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New Apress book on Safari Books Online
On Jul 28, 2009, at 1:01 PM, Jonathan Rockway wrote: * On Fri, Jul 24 2009, Ali M. wrote: In that case can you post numbers, how many copies the book sold? This can be a good health check indication for how well the framework is perceived and how popular it it! Maybe JRockway can also tell us how many copies his book sold! This data is generally not supposed to be disclosed. But, I can say with confidence that there are many thousands of Catalyst users -- way more than you'd expect from reading the mailing list or irc channel. (And the cat list / channel are among the busiest Perl forums.) (Sales have not dropped off much, either.) I feel compelled out of a sense of honesty to announce that most of the sales were to me. I mistakenly bought 17,645 copies in the belief they were signed by the author. A fortune teller had promised me he was about to shoot the President and I expected to make a mint. Bad luck on all accounts. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] 10 Catalyst Models in 10 Days wrapping up-ish
On Jul 27, 2009, at 7:16 AM, Octavian Râsnita wrote:
From: Ashley a...@sedition.com Hey, all.
http://sedition.com/a/2733 is mostly done (I have serious repairs
to do to make #9 work and might drop it entirely for a second
stringer)
Hi,
Thank you for it.
In the first model (Random quotes), I've seen the following line:
sub get_one : method {
Can you tell what does : method is used for and what happends if
we don't use it?
Is it ok if I will have more questions like this about the next
models?
Hi Octavian (and anyone curious). It's attributes, similar to Cat
dispatch stuff, and it's one of the only ones built-in to Perl. Check
out http://perldoc.perl.org/perlsub.html and http://perldoc.perl.org/
attributes.html for a real description. I'm not sure how useful the
declaration actually is. It can help disambiguate certain calls when
names in the global/core collide but I think that's about all it does
here.
Since we're on the subject, #9 TheSchwartz, is pretty clean now, in
part thanks to Oleg Kostyuk who just alerted me to a problem. And the
git depot has downloads with all the stuff working (once you do the
dependencies): http://github.com/pangyre/p5-myapp-10in10/tree/master
Wrap-up was yesterday: http://sedition.com/a/2744
And since it's been mentioned: my copy of the new book came from
Amazon (US) on the cheap-o, free shipping in 4 days.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] 10 Catalyst Models in 10 Days wrapping up-ish
Hey, all. http://sedition.com/a/2733 is mostly done (I have serious repairs to do to make #9 work and might drop it entirely for a second stringer) with the last model entry, #10: Fixing your legacy code by not fixing it, http://sedition.com/a/2743 To make it easy to play with and fix I've put it on github: http:// github.com/pangolin/p5-myapp-10in10 -- the project contains a fairly detailed index page of the projects and files, a src browser, and most of the collateral needed to make it all run. It's not super clean but it makes no sense to put up a tarball and expect anyone to keep getting it for updates. I'll be updating the project lightly for awhile still. I welcome and appreciate any good eyes/patches on it. Speaking of git: The best tech quote of 2009, http://sedition.com/a/ 2784 Now off to get the OpenID credential installing without complaints/ failures. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Re: 10 Catalyst Models in 10 Days wrapping up-ish
Stupid developer update/warning. I set up my github awhile back before I'd settled on a contracting company name. I just reset the name to match since I may actually be using it for more things. Project URI is now- http://github.com/pangyre/p5-myapp-10in10 On Jul 25, 2009, at 2:25 PM, Ashley wrote: Hey, all. http://sedition.com/a/2733 is mostly done (I have serious repairs to do to make #9 work and might drop it entirely for a second stringer) with the last model entry, #10: Fixing your legacy code by not fixing it, http://sedition.com/a/2743 To make it easy to play with and fix I've put it on github: http:// github.com/pangolin/p5-myapp-10in10 -- the project contains a fairly detailed index page of the projects and files, a src browser, and most of the collateral needed to make it all run. It's not super clean but it makes no sense to put up a tarball and expect anyone to keep getting it for updates. I'll be updating the project lightly for awhile still. I welcome and appreciate any good eyes/patches on it. Speaking of git: The best tech quote of 2009, http://sedition.com/ a/2784 Now off to get the OpenID credential installing without complaints/ failures. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] OpenID authentication and LWPx-ParanoidAgent
Yep. Sorry. I am working on a new one. Just keep getting stuck trying to update the tests to run correctly. I'll commit to getting a new one out this weekend even if I have to TODO the live tests for now. The real issue here though is that using LWP::UA instead of ParanoidAgent is a security problem. Someone can point your openid form at a tarpit provider. So I would definitely *not* use this in production without it but recent updates to LWP broke ParanoidAgent which relies on some deprecated debug behavior. Brad Fitzpatrick and friends have done a great job getting these things together so I don't want to come off critical. The real answer here is to get ParanoidAgent fixed. If anyone can look at it and send a patch to that package, that would be the best thing. In the meanwhile I'll adjust the credential to at least be installable without failures. -Ashley On Jul 17, 2009, at 1:33 PM, Zbigniew Lukasiak wrote: Hi there, It seems that http://matrix.cpantesters.org/?dist=LWPx-ParanoidAgent +1.05 fails on every front (and if you check the history it wasn't much better in previous releases). So what you guys use as the LWP agent for OpenID authentication? -- Zbigniew Lukasiak http://brudnopis.blogspot.com/ http://perlalchemy.blogspot.com/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] 10 Catalyst Models in 10 Days
I'm doing a series of short-ish articles called 10 Catalyst Models in 10 Days. It will be too light for a good slice of the list but might be fun for some and potentially quite beneficial for newcomers. They're not as polished, thorough, or proofed as I'd like--in fact, only 7 of the 10 are close to done--but I wrote 90% of it a few weeks ago already and it's not finishing itself and MST's no closer to a pink Mohawk so- http://sedition.com/a/2733 That's the intro. It'll be one each weekday for two weeks. Corrections will be applied if you see something wrong and let me know (I'd appreciate messages come just to me instead of the list). I'll put a dist file of the whole MyApp code up after the last one posts. For those who don't know me and might be curious, the site is a Catalyst blog I wrote 2+ years ago. On a budget host (DreamHost) under fastcgi and serves a few thousand pages a day on slow days (the budget part does come with some instability but generally it's been fine). ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] OpenID and SREG
On Jul 3, 2009, at 9:13 PM, Trevor Phillips wrote:
Catalyst::Authentication::Credential::OpenID I've got the basics of
Authentication working, but I'm having problems with SREG.
The first problem is when using a .conf config, the docs say you
can use:
extension_args
http://openid.net/extensions/sreg/1.1
requiredemail
optionalfullname,nickname,timezone
/extension_args
However, this fails, since this doesn't resolve into an Array, which
is what Net::OpenID::Consumer expects when
Catalyst::Authentication::Credential::OpenID calls set_extension_args.
Ok, so I can get around that by defining my Auth in my Perl module
instead...
The next problem is I can't seem to get at the SREG hash. I'm trying
to get the hash using:
$sreg = $c-user-signed_extension_fields(
'http://openid.net/extensions/sreg/1.1'
);
...but this just assigns $sreg the string
'http://openid.net/extensions/sreg/1.1'.
Dumps of $c-user don't show anything useful either.
Am I missing something, or is OpenID Extensions for Catalyst
currently broken?
The configuration examples are bad. Menno Blom provided the patch to
support the stuff and I documented it incorrectly. I'm really sorry
about this; it's been this way for a long time. I've been trying just
this week to get a new release but I was also trying to run deeper
tests to make sure I don't make another faux pas and I've been having
problems getting them together and LWPx::ParanoidAgent is still
broken and my excuse machine is on the fritz.
The snippet below (unedited, it's better to not use the config-{} =
assignment idiom) is from a recent report from Orlando Vazquez who
got it running in spite of the bad doc. There was also an issue with
Config::General being a PITA regarding the data structure so you
might want to start with a pure Perl config and if it runs, then put
it into your favored config file format.
-Ashley
__PACKAGE__-config-{Plugin::Authentication} = {
use_session = 1,
default_realm = 'openid',
realms = {
openid = {
credential = {
class = 'OpenID',
store = {
class = 'OpenID'
}
},
### need this to get registration fields
extensions = {
'http://openid.net/extensions/sreg/1.1' = 1
},
extension_args = [
'http://openid.net/extensions/sreg/1.1',
{
required = 'email,timezone',
optional = 'fullname,nickname,timezone'
}
]
}
}
};
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] OpenID and SREG
On Jul 4, 2009, at 2:43 AM, Trevor Phillips wrote: Are you referring to LWPx::ParanoidAgent exploding when a bad Identity URL is given? I tried using eval to get around it but that seems to clash with the rest of the workings of your library. No, the LWP debug clash. It's not that important but it will cause any installation to fail if it has a new LWP and I think ParanoidAgent is really the only one to use in production. Brad did an update on it last week but it didn't include removing the deprecated LWP hooks. I have mixed feelings about the exception throwing behavior I put in. All the authentication plugins fail silently except mine but OpenID is a drag to debug so I felt like it was necessary. I've meant to get with t0m and the list to discuss a better failure mechanism. I'll probably just make it noisy in the log and stop the error throwing. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Scalable Catalyst
On Apr 30, 2009, at 8:50 AM, Alejandro Imass wrote: Anyway, the message is that with mod_worker/mod_perl you can spawn _thousands_ of threads, getting impressive concurrency (without counting the mutex). We have tested Catalyst applications that handle _thousands_ of concurrent requests using off the shelf AMD 64Bit HW and 12Gb RAM, with a Catalyst app of about 20MB RSS. Hey, Alejandro! You should really write up the way you did it for the wiki or an article somewhere. Please! -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: OT: JS no longer sucks, (was Catalyst - any good AJAX tutes?)
On Mar 8, 2009, at 8:18 AM, Aristotle Pagaltzis wrote: * Ashley a...@sedition.com [2009-03-07 22:20]: I used to feel the same about JS. The language itself has improved Objection: Well... the lack of regular array operations like push, the disparate and incompatible implementations of regular expressions, some still current syntax disparities like trailing commas or reserved keyword treatment, the errors constantly shutting down browsers, operators behaving differently. I suppose I get what you mean, the spec didn't suck, the implementations did. But we were discussing usage, not design theory. :) * http://fishbowl.pastiche.org/2009/02/20/the_dom_stigma/ When recommending jQuery to co-workers, friends, random passers-by and the occasional hobo (as I have been wont to do recently) I have tended to summarize its merit as “it makes Javascript not suck.” Which is rubbish. Javascript has always been perfectly cromulent. What jQuery does is make the DOM API not suck. ++ to the quoted for the use of cromulent. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] OT: JS no longer sucks, (was Catalyst - any good AJAX tutes?)
On Mar 7, 2009, at 12:55 AM, kakim...@tpg.com.au wrote:
Basically, I am a web developer who hates JS and want to do minimal
with
it. Whatever I could get away with coding in perl, i would do it
cause i
know the language better and that it's more reliable. Js is dirty (or
well, the newer incarnations might be good but heck).
I used to feel the same about JS. The language itself has improved
(I'm discovering ActionScript 3 is pretty damn cool too) and the kits
to wrap it in a cross-browser fashion are awesome. Even the ones I
think are not so great (like prototype) are still, objectively, quite
nice. And there are several that are great and just a matter of taste
or need. These are what I consider the best: Dojo (newer versions),
MooTools, YUI, ExtJs (I'm starting to not like it as much now that
the honeymoon is over), jQuery. The last being my personal choice:
write less, do more.
jQuery reminds me the most of Perl while actually looking nothing
like it. It's terse and immensely powerful. It gets out of your way
and for a CSS/XHTML dev, it's second nature.
The hide/show on the tutorial for example is done with two jQuery
commands — it could be chained as one but it decreases readability —
and gracefully degrading layout. This is the markup, two PREs, with
classes of command and result.
pre class=commandj...@jasper[71]~gt;whoami/pre
pre class=resultjinx/pre
This is the jQuery-
// Find what comes after a .command and hide it.
$(.command).next().hide();
// Put a click toggler on the .command elements to slideDown
// and slideUp.
$(.command).toggle(
function(){ $(this).next().slideDown() },
function(){ $(this).next().slideUp() }
);
And that's it! The markup is untouched if there's no JS enabled. So
it's just command/result. If there is JS, you get the neat show/hide.
Once you get the functional/callback style of code jQuery is
completely easy to sling.
Thanks again, Ash. You rock.
Catalyst and jQuery make it easy, as I hope the example shows. By the
way, the site, sedition.com, is Catalyst powered and has been since
Friday, 1 December 2006. I'm trying, *again*, to rewrite the app
beneath in a general and robust way for CPAN release. :)
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Requirements for Catalyst
On Feb 21, 2009, at 9:42 PM, bill hauck wrote: I'd suggest getting a month with Linode and seeing how you like it. Thanks much to you and JRock. I took the plunge and it's pretty easy-- if a bit verbose installing everything--after all. On a side note I saw a preview of a Catalyst-centric host tonight but I don't know if I'm allowed to talk about it or if it'll debut any time soon so I'll just offer that teaser and head for the pillow. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Requirements for Catalyst
On Feb 21, 2009, at 2:21 PM, Octavian Râşniţă wrote: It is very clear that a Catalyst app can't run on a shared host, but it requires either a dedicated server or a VPS. I've been running four or five Cat apps on shared hosting for 3 years. I wouldn't do it for a business but it's fine for regular personal sites; and I would never run any business from a shared host anyway, it's not really a Cat issue on that front. I serve something like 5-15K pages a day from Cat on DreamHost under fastcgi. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Requirements for Catalyst
On Feb 21, 2009, at 3:04 PM, Jonathan Rockway wrote: We run lots of Catalyst apps on the smallest Linode. I think they give us something like 340M of RAM. This is enough. I use a 512M Slicehost for jrock.us, which runs my mail server and a few Catalyst applications I know this is getting pretty off topic but I'm hovering on a VPS buy so I'd like to hear more about why these two and what you'd say to someone like me whose Perl is drastically better than my admin chops. Put your referral code(s) if you've got them in your response too. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] RFC: The paradox of choice in web development
On Feb 15, 2009, at 1:04 AM, Dan Dascalescu wrote: First: Perl jobs are not decreasing. While there is not a ton of 'Buzz' around perl anymore... If you look at actual jobs stats: http://tiny.cc/kkcCM Perl is above all the others by some margin. Short version: that graph is misleading. Click the Relative link. You had some great points below this but I think this one isn't. The relative graph is the misleading one and something so put in print and in conversations with tech managers. The relative graph makes it look like there are tons of RoR jobs. There aren't. Job seekers who need a job now outweigh those that like to gamble on trends and getting hired in the future. A lot of devs, most(?), today are not CS guys. It's not just the kit they'd be investing in but the language. It's not Cat or RoR, it's Perl or Ruby. Perl is simply a better choice for tech work if you're only able to handle one and I personally don't see that changing for a long time. Maybe more important than a user case is a dev case. I've been brought into two projects to do Catalyst and the big concern in both was that there weren't enough developers who knew the framework. And while others have made good points there were many that weren't so hot. Using a big company as an example of a place that picks the best is ridiculous; their size and bureaucracy often mean they can't. When I was at Amazon I watched them burn millions of dollars on dead end projects because they picked the wrong tool for the job. They picked Java to create a highly agile customer service tool. It was an unmitigated disaster that was abandoned for a Perl rewrite 18 months after it was still too slow, too buggy, and incomplete. It's my understanding, though I wasn't there for this one, that they did a project with Ruby to do employee reviews where the whole thing was ditched for the legacy version the day it was to go live because it didn't work outside the dev env. There's some good FUD: Java and Ruby lead the failure of Amazon.com projects and the loss of millions of dollars. I liked everything Jay said about it. My own 2¢ would be that we should each take as much time to make Cat developer-friendly (docs, examples, blog posts) as we can; and some of you are doing a great job at this already. We have a great kit, a great community, and the more obvious and accessible it is, the more we ensure continued success. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] RFC: The paradox of choice in web development
On Feb 15, 2009, at 12:31 PM, Octavian Râsnita wrote: The list of CPAN modules you shouldn't use because they are not good: Everyone should consider writing more reviews on the CPAN reviews site too. It's directly connected with them. It wouldn't carry the same sort of authority as a formal list from a group but I make my choices of what to at least try first based on reviews somewhat often. See also: http://www.perlfoundation.org/perl5/index.cgi? recommended_cpan_modules -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst::Plugin::Session::Store::CHI
Actually, replying to myself already; and top posting to boot. Alternatively: would it be a good idea to make the ::Store automatically discover the cache if it's there already? I might try a patch for that but I doubt it's as easy as a new store. I'd like it better though. On Feb 9, 2009, at 6:02 PM, Ashley wrote: Has anyone written Catalyst::Plugin::Session::Store::CHI for personal use yet? I haven't use CHI but it strikes me as vastly superior to the regular cache interfaces (having code refs for errors and checks on things that are still within their expiry). Unless there is some negative feedback about CHI or someone volunteers some code for this, I'll try to bat it out. http://search.cpan.org/~jswartz/CHI-0.091/ http://search.cpan.org/~jswartz/CHI-0.091/lib/CHI.pm http://search.cpan.org/~fayland/Catalyst-Plugin-CHI-0.03/lib/ Catalyst/Plugin/CHI.pm -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Catalyst::Plugin::Session::Store::CHI
Has anyone written Catalyst::Plugin::Session::Store::CHI for personal use yet? I haven't use CHI but it strikes me as vastly superior to the regular cache interfaces (having code refs for errors and checks on things that are still within their expiry). Unless there is some negative feedback about CHI or someone volunteers some code for this, I'll try to bat it out. http://search.cpan.org/~jswartz/CHI-0.091/ http://search.cpan.org/~jswartz/CHI-0.091/lib/CHI.pm http://search.cpan.org/~fayland/Catalyst-Plugin-CHI-0.03/lib/ Catalyst/Plugin/CHI.pm -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New Catalyst Book?
On Feb 5, 2009, at 3:28 PM, Kieren Diment wrote: On 06/02/2009, at 9:14 AM, Kevin Monceaux wrote: On Thu, 5 Feb 2009, Jason Gottshall wrote: Just out of curiosity, who is authoring it? It looks like the book is already listed on apress.com: http://www.apress.com/book/view/1430223650 Oh shit, that means we've actually got to finish it :o Sidebar: not to steal anyone's thunder but it's on point so... I'm back working on an online manual which I started a year ago. It's a project walk-through from start to finish. Not sure when it'll start getting posted -- it'll be a chapter every couple days for a month or two. I've got a lot done lately so I'm optimistic it'll start going up pretty soon. As it'll be a living doc, I'll roll critiques, corrections, or good comments into it. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Newbie Question about Database
On Jan 19, 2009, at 7:06 PM, Charlie Garrison wrote: Good afternoon, On 19/01/09 at 8:11 PM -0500, Robert L Cochran cochr...@speakeasy.net wrote: I also wonder if Catalyst can make use of a .my.cnf file if there is one. Why is this important? Because you can keep your connection password private. You can pass a path to a user defaults file as part of the DBI connect string. I don't recall the syntax though. This is how I usually do it. The __path_to()__ in configs gets expanded properly. Model::DBIC: schema_class: MyApp::Schema connect_info: - dbi:mysql:myappdb;mysql_read_default_file=__path_to (etc/.mysql.cnf)__ - ~ - ~ - RaiseError: 1 PrintError: 0 AutoCommit: 1 ChopBlanks: 1 -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] installing catalyst on mac os
On Dec 24, 2008, at 2:07 PM, Tomas Doran wrote: On 24 Dec 2008, at 18:27, Ashley wrote: On Dec 24, 2008, at 2:08 AM, Tomas Doran wrote: On 24 Dec 2008, at 00:25, Ashley wrote: I love OS X but the Perl it has historically shipped with is historically no so hot. I would strongly recommend you install the latest 5.8 (NOT over your system perl but beside it) or 5.10. I don't consider this good advice, especially for a beginner. He didn't say he was a Perl beginner. :) Yeah, sorry - total misreading on my part there.. He said he was new to Catalyst. The perl + libs OS X ships with have caused me many problems (nothing with Cat springs to mind, more C-based things like Storable) in the past from the public beta to 10.4. I've never had an issue with Apple's perl myself. I wouldn't use it for production (where I build my own from source), but I've always found it fine for development.. It's not bad advice, generally - but readers could have got the impression that Catalyst itself is unlikely to work on the perl which Apple ship, which isn't true.. I've used every single OS X from the PB and I've had problems with all of them except 10.5 but I didn't keep it long enough to know if it would cause problems, I upgraded Perl as soon as I got my new machine. Maybe I do more odd things than you, but many system installs are not particularly hot. The vendors make goofy, subjective choices and releases get frozen with bugs. Red Hat Perl has also had big problems, which clobbered DBIC among other libs, just as another example. You should cook your own if you know how. This might be the problems with the temporarily out of sync content decoding layers in LWP v Mech. Which are all fixed in the newest versions. So installing LWP and WWW::Mechanize before Catalyst might be all that's needed. I think that is just idle speculation... I think that's just a cliche to fill space... There was an ongoing problem between Mech and LWP regarding decoding layers it was discussed on those lists, Perl Monks, and here too as it was messing with testing Cat apps. It was fixed. The last time I updated was about then and everything went fine. Without looking at test output it was a perfectly reasonable guess. I can confirm that right now for me, a freshly installed 5.8.8, pulling everything (including latest WWW::Mech, and latest LWP) from CPAN, WWW::Mech fails tests for me, as per: You're right. It's bad live tests. They're checking live sites which is prone to falling down, obviously, because sites change content. All the unit tests pass so a force install in this case is completely reasonable. j...@jasper[124]~/build/WWW-Mechanize-1.52prove -l lib t t/00-load.1/2 # Testing WWW::Mechanize 1.52, with LWP 5.822, Perl 5.01, /usr/bin/perl t/00-load.ok t/add_header..ok t/aliases.ok t/area_link...ok t/autocheck...ok t/clone...ok t/cookies.ok t/credentials-api.ok t/credentials.ok t/die.ok t/field...ok t/find_frame..ok t/find_image..ok t/find_inputs.ok t/find_link-warnings..ok t/find_link...ok t/find_link_idok t/form-parsingok t/frames..ok t/image-new...ok t/image-parse.ok t/link-base...ok t/link-relative...ok t/linkok t/new.ok t/pod-coverageok t/pod.ok t/regex-error.ok t/save_contentok t/select..ok t/taint...ok t/tickok t/upload..ok t/warnok t/warningsok All tests successful. Files=35, Tests=339, 20 wallclock secs ( 0.45 usr 0.41 sys + 14.26 cusr 2.88 csys = 18.00 CPU) Result: PASS ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] How to run self-tests from within the application
What am I doing wrong?
This code starts to work but hangs (and always times out if a timeout
is specified).
sub auto :Private {
eval { require IPC::Cmd;
require File::Find::Rule;
};
}
sub index :Path :Args(0) {
my ( $self, $c ) = @_;
my @tests = File::Find::Rule-file()
-name( '*.t' )
-in( $c-path_to(t) );
# Messing with this doesn't seem to help...?
local $SIG{CHLD} = DEFAULT;
my $prove = IPC::Cmd::can_run(prove);
# Just run 01app.t in $test[0] for the sake of testing this.
my ( $success, $error_code, $full_buf, $stdout_buf, $stderr_buf ) =
IPC::Cmd::run( command = [ $prove, -I . $c-path_to
(lib), $tests[0] ],
timeout = 15,
verbose = 0 );
$c-response-content_type(text/plain);
$c-response-body( join\n, @{$full_buf} );
#$c-response-body( join\n, @tests );
}
After it times out, this appears in the test server output in the
terminal:
.../t/01app..ok
All tests successful.
Files=1, Tests=2, 23 wallclock secs ( 0.02 usr 0.01 sys + 3.78
cusr 0.57 csys = 4.38 CPU)
Result: PASS
Why is it hanging? Is there a pipe or something I could add to the
command? What are the environmental caveats if I can get this to run
under the test server v fastcgi/modperl?
Thanks for looking!
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] create search engine friendly uri from string
On Dec 15, 2008, at 1:23 PM, Moritz Onken wrote:
Am 15.12.2008 um 21:53 schrieb Johannes Plunien:
On 15.12.2008, at 21:22, Jim Spath wrote:
You might also want to add these two to the end:
=~ s/--+/-/g;
=~ s/-$//g;
Scott McWhirter wrote:
$str =~ s{\W}{}g;
$str = lc($str);
$str =~ s{\s+}{-}g;
My not very elegant, but working solution:
my $str = Beta Launch Invites: Kwyno Brings The Web Into Your
IM And (Soon) SMS Inboxes ;
$str =~ s/^\s+|\s+$//g;
$str =~ s/\W/ /g;
$str =~ s/\s{1,}/ /g;
$str =~ s/\s/-/g;
$str = lc($str);
print $str\n;
Just a caveat that should be in the doc you end up with if not
possible in the code. URIs are supposed to be unique to a resource.
Titles of articles and pages are not (necessarily). The end user/dev
will have to check for duplicates against the data and append a -II
or -2, and so on.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] Emulate a tar pit for OpenID tests
I want emulate a trap URL to test the OpenID stuff. The real world
case is someone using a malicious OpenID URI which would effectively
be a DoS against the OpenID consumer site by tying up processes (and
bandwidth in a real attack). They'd go to initiate the OpenID
transfers with the malicious URI and get stuck waiting and
downloading huge amounts of data.
I guess I can just do something like-
sub tarpit : Global {
my ( $self, $c ) = @_;
local $/ = 1;
$c-response-content_type(text/html);
# Expect an arbitrary, biggish amount of content; it's a lie.
$c-response-headers-header(Content-length = 1_024 * 1_000);
sleep 1 $c-response-write(sucker\n) while 1; # Send
content forever, slowly.
}
So, my question for y'all is: How does that look? Better ideas? Is
that close to a real world (operationally) case?
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] Catalyst::Authentication::Credential::OpenID update; 2.0 + SREG
http://search.cpan.org/perldoc? Catalyst::Authentication::Credential::OpenID Catalyst::Authentication::Credential::OpenID now supports -- thanks to Martin Atkins -- OpenID 2.0 as well as 1.1. Thanks to a patch from Menno Blom, C::A::C::OpenID also loads Simple Registration (SREG) data when it's present/configured. I am not using this in the wild right now so I'd really appreciate any bug/problem tickets or Pod patches. If there are OpenID extensions other than SREG which anyone is using, please let me know so I can look at them and see if/how they can be supported. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: fcgid
On Sep 29, 2008, at 5:14 PM, Aristotle Pagaltzis wrote: * John Lee [EMAIL PROTECTED] [2008-09-29 16:05]: What's the general concensus in the catalyst community nowadays? Is mod_fastcgi preferred at large over mod_fcgid these days? Personally? ::Engine::HTTP::Prefork + ::Plugin::Static::Simple. Then I put a reverse proxy in front (it doesn’t really matter, I’ve used Apache mod_proxy and Varnish, pick whatever you like), and teach that to cache the static files for a very, very long time. That way, the Catalyst server a) is completely decoupled from its deployment environment (the two parts don’t even have to be on the same machine), b) can therefore also be debugged standalone in production, c) can be an exact replica of the server that runs on the developer’s machine. (Although the last point is watered down a little by adding a reverse proxy to the mix in production.) This is late to revisit but I'd *love* to see this as an advent entry (or a vanilla tutorial anywhere). -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] PDF creation in Catalyst?
On Oct 22, 2008, at 11:08 AM, Kirby Krueger wrote: If you go to catalystframework.org, it says on the main page: And in case you want PNG or PDF output, you'll need just a few lines... Can someone give me those few lines? :-) I hope someone will have something more directly helpful with a code snippet (I'd love to see it too) but essentially this is a PDF question, not a Catalyst one excepting how to plug in another view in addition to your TT which is easy and in the docs. If no one ends up having any good fish to offer, this is a good set of places to start casting the old rod n'reel. http://www.perlfoundation.org/perl5/index.cgi?pdf http://www.google.com/search?as_q=pdf +createas_sitesearch=www.perlmonks.org (etc) http://search.cpan.org/perldoc?PDF::FromHTML (maybe? to take your current page output and run it into PDF though this might not give much control) If the stuff isn't dynamic and you really can't wait, it might be faster to create them yourself from the HTML you've got (print to PDF, manipulate in Acrobat or something) and serve them as static files. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Making proxy requests cooperate with uri_for
This might be a simple question but I've never had to do it before, Googling for it is difficult, and none of the main docs seems to have the info. I want to run myapp_server.pl script as a proxy as if it were from a dir. This is easily accomplished with ProxyPass /from_dir http://localhost:8080/ ProxyPassReverse /from_dir http://localhost:8080/ The problem then is $c-uri_for(/) returns http://localhost/ when http://localhost/from_dir is what is really needed. This message seemed like the right answer http://lists.scsys.co.uk/pipermail/catalyst/2007-December/016241.html but it doesn't work (Apache 2.2); uri_for() is still not adjusted to include the desired proxy path. RewriteEngine On RewriteRule ^/from_dir/(.*$) http://localhost:8080/$1 [P] ProxyPassReverse /from_dir/ http://localhost:8080/ RewriteRule ^proxy:.* - [F] I played around with setting the (apparently?) undocumented using_frontend_proxy in the App config too but no dice. What am I doing wrong / how can I get uri_for() to behave? Thanks! -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: CSRF
On Sep 30, 2008, at 11:13 PM, Aristotle Pagaltzis wrote:
* Ashley [EMAIL PROTECTED] [2008-09-30 19:30]:
If scripting is involved that makes it a XSS attack instead,
though. No?
No.
Yeah, that was unclear. I was talking about our own sites
and Cat apps, not the web at large. It was in that context
which I suggested script based attacks were by definition
going to be XSS. Malicious ActionScript is still script.
But I hadn't read the POST exploits as described in the
white paper so I was wrong.
Might be pretty simple in Cat stuff. The crux of the POST
issue seems that the target site's cookies are still safe
from the attacking site's POST. So, off the top of my
head, untested, please modify, correct, refine, put
in wiki, etc.
Form template:
form action=[% c.request.uri() %] method=post
[% USE Digest.SHA1 -%]
input type=hidden value=csrf_check value=[% c.sessionid |
sha1_hex %] /
/form
Controller form validation:
use Digest::SHA1 qw(sha1_hex);
some_error_or_other() unless
$c-user_exists
and
$c-request-body_params-{csrf_check} eq sha1_hex($c-sessionid);
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: CSRF
Nope. On Sep 30, 2008, at 11:57 PM, Ashley wrote: Might be pretty simple in Cat stuff. The crux of the POST issue seems that the target site's cookies are still safe from the attacking site's POST. ... Form template: form action=[% c.request.uri() %] method=post [% USE Digest.SHA1 -%] input type=hidden value=csrf_check value=[% c.sessionid | sha1_hex %] / /form This won't work because the attacker can grab it by a GET and while it doesn't expose the sessionid, it does remain constant for the life of the session. As the white paper suggests, it has to be pseudo-random and it looks like it has to be per request. If no one else fields this in the next couple of days I'll come back to it and post a real solution. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] CSRF
On Sep 30, 2008, at 10:08 AM, Moritz Onken wrote: attackers can use POST This is possible due to the fact that flash movies can send any request to a server. You can achieve this even with a XMLHTTPRequest. If scripting is involved that makes it a XSS attack instead, though. No? -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Help! Need help deploying app to Apache
On Sep 17, 2008, at 10:33 AM, Bruno Antunes wrote: I sent an example of the errors in Apache's error_log, it was like this: [Wed Sep 17 18:30:18 2008] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [info] *** Request 1 (0.143/s) [30709] [Wed Sep 17 18:30:24 2008] *** [debug] GET request for / from 10.137.9.24 [debug] Rendering template index.tt [error] Couldn't render template file error - index.tt: not found [error] Couldn't render template file error - index.tt: not found [info] Request took 0.066461s (15.046/s) Not very helpful, was hoping Catalyst could be more verbose. If software could debug itself there would be no bugs. The error in that batch seems pretty clear: Couldn't render template file error - index.tt: not found Looks like you either don't have an index.tt or you have the INCLUDE_PATH set badly in your TT stuff. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: [SOT] cat webmail app?
On Aug 8, 2008, at 3:06 PM, Aristotle Pagaltzis wrote: * Jose Luis Martinez [EMAIL PROTECTED] [2008-08-08 16:50]: http://icanhascheezburger.files.wordpress.com/2008/08/funny- pictures-sometimes-the-mail-gets-you.jpg I’m not sure that caption is how we want users to think of a Catalyst mail app. ;-) I CAN HAZ EEMAEL™ I expect full faith and credit, residuals, points on gross not net, et cetera and so on and so forth. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: Catalyst site design drafts feedback thread
On Jun 17, 2008, at 8:18 AM, J. Shirley wrote: On Tue, Jun 17, 2008 at 7:00 AM, Tobias Kremer [EMAIL PROTECTED] wrote: Quoting Aristotle Pagaltzis [EMAIL PROTECTED]: * Tobias Kremer [EMAIL PROTECTED] [2008-06-17 11:40]: I've started to code the site and the ongoing process is available at http://www.funkreich.de/catalyst Hmm, that *requires* a maximised browser window on a 1024×768 screen. I don't know if it really should… how about a jello layout? A width of 960 pixels is the current standard for new sites without skyscraper/wallpaper ads which must be visible on a 1024x768 15 CRT because ad clients and agencies still dictate that as the norm :) Compare my version with the already mentioned movabletype.org for instance. I hadn't heard of jello layouts before - it seems they're very rarely used ... --Tobias This layout is fine but even 960px is too wide and with a fluid layout you could go down to the much more reasonable 730px (an older standard based around leaderboard ads) as the minimum and it would display nicely for everyone from there up whether they have a little notebook screen with the rez down for easier reading or a Cinema display. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] IMPORTANT: To all Catalyst::Whatever Authors, please read and ACT
On May 10, 2008, at 5:39 PM, Kieren Diment wrote: If you maintain a Catalyst::Plugin, View, Controller or anything else, please pay attention and address the following issue: YAML is not an appropriate configuration format for use in perldoc because both yaml and perldoc are sensitive to white space. Therefore they interact. Even worse they interact in different ways depending on the formatter being used. You may say that this is not important because people can just remove the indentation from the perldoc at the beginning of each line of the config, but this makes your module less usable for people, and *requires thought*. If using the trivial parts of your module requires thought, this is overhead for someone learning how to use your software which can be avoided (see http://en.wikipedia.org/wiki/Cognitive_load for details). So in your modules, Ideally you will provide provide both a __PACKAGE__-config() example, and an example using a serialisation format like Config::General (which is much harder to stuff up than yaml). If you're only going to provide one example though please don't make it YAML. If you don't want to have to maintain two config examples, then provide the __PACKAGE__ declaration, which means at least us poor users can then do: perl -Ilib -e 'use MyApp; use Config::General; Config::General-new- save_file(myapp.conf, MyApp-config);' Two or more config examples is nice and kind to users and I think it's a great best practice to include it (maybe someone would attach a simple script to dump several formats? If I have time this weekend, I'll try if no one beats me to it). Arguing that users who cargo-cult their configs from POD deserve coddling and MODULE AUTHORS MUST ACT TO AVERT THIS DISASTER is silly. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] IMPORTANT: To all Catalyst::Whatever Authors, please read and ACT
On May 10, 2008, at 6:44 PM, Matt S Trout wrote: On Sat, May 10, 2008 at 05:56:41PM -0700, Ashley wrote: Arguing that users who cargo-cult their configs from POD deserve coddling and MODULE AUTHORS MUST ACT TO AVERT THIS DISASTER is silly. There are several requests A DAY on #catalyst that come down to YAML indentation mistakes. If users are clearly repeatedly not getting this, it's time to change stuff. If we do a 5.71 I think the catalyst.pl default should change then, and then after a few months we file bugs against every distribution still using YAML examples instead of code and/or .conf. As I said, I'm all for more examples and even volunteered to write a script to make it easy to sync them. It wouldn't be much fun to be actively disallowed from using the example that I am going to want to see or stub from when I run perldoc. I like helping others but I write code primarily for myself. I know you don't like YAML, Matt, but I do. I don't see that having a best practice of ... top 3? configs is incompatible with the stated goal. I believe YAML/POD is causing problems but since it's the most used example it's simply going to be the most asked about whether or not it's intrinsically problematic. If the docs only had fragmentary XML or Apache style confs, the irc would be getting plenty of questions on those instead. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] IMPORTANT: To all Catalyst::Whatever Authors, please read and ACT
On May 10, 2008, at 7:18 PM, Kieren Diment wrote: On 11 May 2008, at 10:56, Ashley wrote: Two or more config examples is nice and kind to users and I think it's a great best practice to include it (maybe someone would attach a simple script to dump several formats? If I have time this weekend, I'll try if no one beats me to it). That on the other hand would be useful (sorry missed it first time). Could you make a CatalystX::ConfigMaker that dumps catalyst_config.pl into $PATH somewhere? CatalystX::Starter is a small and simple module that shows how to do this. I'd love to try. I'll take a look this weekend. Thanks for pointing me at the starter modules, I hadn't looked at it yet. devilsAdvocate type=tangent for=MST style=voice:facetious The biggest stumbling block and learning curve with Catalyst is almost undeniably DBIC… Maybe we should consider a script that files tickets against any documents that reference it going forward. I mean sure it's useful but think of all the questions it generates! Why DBIC users pollute the Catalyst list all the time and some of the devs even cross post. /devilsAdvocate ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Anybody who fancies some LWP poking ...
There was a recent SoPW on PerlMonks about this. Seems HTTP::Message is doing the right thing. http://perlmonks.org/?node_id=683833 -Ashley On May 4, 2008, at 2:21 PM, Daniel McBrearty wrote: OK, I walked through the code and found out roughly what is going on. Hard to say where the real source of the bug is (could be at least two modules) but I have a workaround which I am using (basically just to remove the croak in HTTP::Message, a bit dirty but probably harmless). http://rt.cpan.org/Public/Bug/Display.html?id=34802 I forwarded this to Leon also. HTH D On Sun, May 4, 2008 at 9:30 PM, Daniel McBrearty [EMAIL PROTECTED] wrote: yeah, I started setting up cat on a new system yesterday and hit this :-( The salient line seems to be : HTTP::Message content not bytes at lib/Test/WWW/Mechanize/ Catalyst.pm line 88 I will spend an hour or two on it now, as I hate force installing, but am starting almost from scratch and don't have much intuition yet as what this is about. Any pointers welcome ... D -- Daniel McBrearty email : danielmcbrearty at gmail.com http://www.engoi.com http://danmcb.vox.com http://danmcb.blogger.com find me on linkedin and facebook BTW : 0873928131 ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Multi-language and REST
On Apr 25, 2008, at 10:28 AM, Christopher H. Laco wrote: If changing Accept-Language is too much, (or people want to view a language other than their native), then look at language= in the query params first..if it's empty...honor Accept-Language... rather than forcing /lang/ at the front of all urls. I like the idea (and you could even cookie language prefs instead of a query string solution which would be more expensive/complex with the URI rewrites) but giving up a large chunk of one's search engine results for a more purist interface is a pretty high price. As of last year (haven't checked recently) the googlebot couldn't even correctly index pages served as application/xhtml. Some bots might do the right thing with headers for their target language base(s) but I doubt it's many, if even a minority, of them yet. It's not a transport issue (like HTML/PDF/JSON/XML/etc) which makes perfect sense for header control because the clients and client-side stuff is being written now in tandem, it's different content and the target clients are laden with legacy behavior. I like PUT and DELETE too but I'm not going to abandon POST as their stand-in (or fall- back) any time soon. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Why does $c-stats require -Debug flag?
On Apr 24, 2008, at 2:49 AM, Jon Schutz wrote: Basically it's more of a zeitgeist than an actual document. There are some things that the community has decided and just do. One is not breaking things or adding features between point releases. We've fucked this up a number of times, but that doesn't really matter, the point is we try to fix our mistakes. Compare this to other frameworks that just break things and say fuck you. A standard is not a standard unless it's written down as a common reference for everybody to see. People in the community come and go and don't all have the same history, or longevity of memory for all the let's make this a standard decisions that happen along the way. This is perhaps getting close to the crux of the problem. Clearly Matt and I, and you it seems, have a different concept of what the standard is. Is there someone out there, then, with the right background, to set up a Wiki page and document this zeitgeist? The leading underscore means private implicitly says no leading underscore means public. Just as a No Swimming at Night sign implies swimming during the day is allowed. Most of what Matt's talking about is etiquette. Unless something is clearly labeled alpha or beta, interface subject to change, it's just not okay to change an interface, hence backwards compatibility/support for at least the immediate, announced future. This seems an open-source-wide convention, not just Perl. Of course anyone can do whatever he wants with his code but breaking conventions (and this is a common sense one) won't make any friends and doing it enough will lead to abandonment or getting one's code forked away. I haven't used the stats stuff though it looks interesting, but I personally would immediately drop any package that went through an undocumented, unannounced interface change defended as personal style. Using AUTOLOAD when you know your methods/subs up front is a pointless complication and performance hit. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Dispatching based on path and host/domain
On Apr 22, 2008, at 9:14 AM, Matt S Trout wrote: The library provides come really common filtering facilities for my apps like active flag and valid_from/valid_to date ranges for records. That smells like there's a couple nice DBIC components in there trying to escape. I've been doing, I think, the same thing status, golive and takedown. I'd love to see it generalized if it can be. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Sending email safely with Catalyst
On Apr 18, 2008, at 10:54 AM, Matt S Trout wrote: On Sat, Apr 12, 2008 at 11:11:41AM +0200, Zbigniew Lukasiak wrote: My first approach was to do the sending in a cron job - but then came the requirement that the emails should be sent as soon as possible. Now I have a forking model, but I don't know if I implemented it correctly (the mod_perl guide recommends against forking http://modperlbook.org/html/10-2-Forking-and-Executing- Subprocessesfrom-mod_perl.html). But you're writing a new catalyst app, so you're deploying it under fastcgi, right? I thought forking from an App wasn't possible with the FastCGI engine. Did something change or did I misread an old thread? I hope so. I'd love to be able to fork in it. Any doc/recipe out there? -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: CGI::Dump()
I know. Grabbed it from CGI.pm without checking. It also returns the, I believe, illegal ul/ul when there are no params. :) If I ever do anything with it, I promise to fix it. On Apr 18, 2008, at 7:38 PM, Aristotle Pagaltzis wrote: * Ashley [EMAIL PROTECTED] [2008-04-18 21:30]: push(@result,lib$param/b/li); push(@result,ul); That’s invalid HTML. You can’t put an `ul` directly inside a `ul` like that. Regards, -- Aristotle Pagaltzis // http://plasmasturm.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] CGI::Dump()
Is there an established way to emulate this in Cat? CGI::Dump() I like it for dev work and simple one-off forms that are human processed. I might port it (to a posted snippet at least) if not. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] CatalystSites.org
On Apr 11, 2008, at 11:55 AM, Stephen Sykes wrote: Chisel - What is so odd in passing the tag id to the controller for the by_tag feature? I think this is the issue: Other users also tagged this 27. The tag is the human readable part of the record. :) ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] CatalystSites.org
On Apr 11, 2008, at 1:10 PM, Stephen Sykes wrote: Ashley wrote: On Apr 11, 2008, at 11:55 AM, Stephen Sykes wrote: Chisel - What is so odd in passing the tag id to the controller for the by_tag feature? I think this is the issue: Other users also tagged this 27. The tag is the human readable part of the record. :) I'm still not getting this. :-\ Once a new tag is added to the database the tag id will never change, only the tag weight. Tag id is unique and is primary. I suppose the tag description could be used with an index on that column for performance. That would make sense, if that is your concern. It's that http://mysite.com/tag/1232 is meaningless to the user. Not that it's programatically incorrect; which, as you know, it's not. http://mysite.com/tag/pangolins is better UI. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] CatalystSites.org
On Apr 11, 2008, at 1:33 PM, Christopher H. Laco wrote: /tag/name/name /tag/id/id The greatness of future possibilities is expanded to much happiness. Chained/sub instance() make all the code behind either option JustWork. claco (I just like writing it) ++. This is mostly how I do it and for admin functions I redirect to the id version. /tag/name/name going to its id at /tag/id/id/edit as only the id is immutable for the record. Well, tags are a bad example for this but an article name can certainly change. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: New credential -- Catalyst::Authentication::Credential::OpenID
On Apr 8, 2008, at 2:11 PM, Aristotle Pagaltzis wrote: * Ashley [EMAIL PROTECTED] [2008-04-08 05:15]: roles for providers? I didn’t think of that. That sounds *very* cool. I wonder if this might possibly cause problems. One thing I’m not comfortable with, for a reason I can’t exactly pinpoint, is using the provider URI directly as a role. Maybe let the user configure a mapping from provider URIs to roles? Sure. I'm kind of backed up this week with work but I'll try to get that brewing for release on the weekend... Not sure how to approach that this second anyway so a few days to steep will be good. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
On Apr 7, 2008, at 10:30 AM, Jay K wrote:
Hi Ashley,
Sorry for the delay, It sounds quite interesting. Are you working off
of the auth module in svn at the moment, or the released version. I
ask because there are changes in svn that might make it easier to
implement. I'm in the process of documenting those changes for a
release soon. Namely, the realm has much more control (more hook
points) in the auth process - might be useful.
Anyway - let me know if I can help in any way.
Working from the CPAN version.
http://search.cpan.org/dist/Catalyst-Authentication-Credential-OpenID/
(Ignore the extra Documentation link, I left a trash copy of the
file in there and need to get it out; I'll try tonight when I've got
time; I notice another mistake -- I left the store class in the
sample config but it doesn't exist yet.)
I'd love to see your new stuff. I'll take a look later. I am
already basically using the realm for everything. Don't know
what the new looks like but the old was pretty easy to follow
and I was grateful for the internals info you put in the POD.
The only current real configuration option, for example, is that
you can set your own user agent and pass it arguments. From the POD-
Plugin::Authentication:
default_realm: members
realms:
openid:
credential:
class: OpenID
ua_class: LWPx::ParanoidAgent
ua_args:
whitelisted_hosts:
- 127.0.0.1
- localhost
On Apr 5, 2008, at 10:11 PM, Ashley wrote:
On Apr 5, 2008, at 8:44 PM, J. Shirley wrote:
On Wed, Apr 2, 2008 at 9:38 PM, Ashley [EMAIL PROTECTED] wrote:
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge
of the
Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on
docs and
trying to making it tested and bomb-proof I want to check with all
y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from
Tatsuhiko Miyagawa
and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
This sounds like the right direction to me. I'm eager to see the
new
work, as well. Do you have a dev package available?
Great. I worked on it a bunch today and got a working test app with
it running a provider and a consumer along with some plain text
inline Auth so it can test itself. I managed to use some of JRock's
test stuff + some of JK's to write a live test that I *think* is
okay. It's difficult to know because the test server has to run with
forking so it can answer its own requests but it's passing in my env
on OS X at least. It's minimal but there is a working OpenID server
example in the t/TestApp code.
I'm trying to do some reasonable POD right now and I was hoping to
get a slightly messy 0.01 on the CPAN tonight (missing the OpenID
store class which I'd really like to have but that's another day+ to
write and test which might push it off a week or more). I have my
own svn server but since it's just me, it's messy with poor revision
messages and I check in broken stuff so I can get it between my
machines... that said, if you can't wait or I'm too slow: http://
dev.perlperl.com/cpan/trunk/CA-OpenID/
(that should be open for checkouts; I just flipped it to public).
Also, if you need proper commit bits to the main Catalyst repos
please let me know
and I'll get that sorted out for you.
I would love that. If nothing else, I'd be glad to tackle typo/small-
fish bugs and help update some of the document drift in
authentication stuff.
I'm getting ready to start working on another OpenID consumer
application, and would like to use your work.
I hope you do and please if any room for improvement jumps out at
you, don't be shy. I worked a bunch with OpenID last year on a
contract but I'm no guru with it.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
---
Those who can make you believe absurdities can make you commit
atrocities. --Voltaire
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] RFC for plugin to strip script name from URI; plugin name + code review
On Apr 6, 2008, at 12:44 PM, Matt S Trout wrote:
.htaccess # This one implies a / deployment.
---
DirectoryIndex myapp.fcgi index.html
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !myapp.fcgi$
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(.*[^/])$
RewriteRule ^(.*)/$ /$1 [QSA,L,R=301]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*) /myapp.fcgi/$1 [QSA,L]
Isn't it possible in mod_rewrite to use the P flag to pass the
original
URI through so it things it was at / in the first place?
An excellent question to which I don't know the answer. I'll play
around with it later.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] CatalystSites.org
On Apr 6, 2008, at 3:33 PM, Stephen Sykes wrote: Oleg Pronin wrote: It's definitely better than sites that are on top currently :) Especially first :) Also i meant 'most popular sites', not 'best sites', sorry :) If you want to produce the code required, I am willing to implement. I just don't have time at the moment. Or, everyone could visit the site and vote to change the results! :-P Alexa is definitely *not* the way to go for reasons stated (their toolbar client feeds their stats). I don't know if these guys have an API or a way to use their data with their TOS but I was very impressed by their ranking/traffic guestimates -- http:// www.quantcast.com/ -- which were extremely close to the Urchin/Google stats for sites of mine. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
On Apr 5, 2008, at 8:44 PM, J. Shirley wrote:
On Wed, Apr 2, 2008 at 9:38 PM, Ashley [EMAIL PROTECTED] wrote:
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge
of the
Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on
docs and
trying to making it tested and bomb-proof I want to check with all
y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from
Tatsuhiko Miyagawa
and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
This sounds like the right direction to me. I'm eager to see the new
work, as well. Do you have a dev package available?
Great. I worked on it a bunch today and got a working test app with
it running a provider and a consumer along with some plain text
inline Auth so it can test itself. I managed to use some of JRock's
test stuff + some of JK's to write a live test that I *think* is
okay. It's difficult to know because the test server has to run with
forking so it can answer its own requests but it's passing in my env
on OS X at least. It's minimal but there is a working OpenID server
example in the t/TestApp code.
I'm trying to do some reasonable POD right now and I was hoping to
get a slightly messy 0.01 on the CPAN tonight (missing the OpenID
store class which I'd really like to have but that's another day+ to
write and test which might push it off a week or more). I have my own
svn server but since it's just me, it's messy with poor revision
messages and I check in broken stuff so I can get it between my
machines... that said, if you can't wait or I'm too slow: http://
dev.perlperl.com/cpan/trunk/CA-OpenID/ (that should be open for
checkouts; I just flipped it to public).
Also, if you need proper commit bits to the main Catalyst repos
please let me know
and I'll get that sorted out for you.
I would love that. If nothing else, I'd be glad to tackle typo/small-
fish bugs and help update some of the document drift in
authentication stuff.
I'm getting ready to start working on another OpenID consumer
application, and would like to use your work.
I hope you do and please if any room for improvement jumps out at
you, don't be shy. I worked a bunch with OpenID last year on a
contract but I'm no guru with it.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] New credential -- Catalyst::Authentication::Credential::OpenID
Hello everybody! [Well, mostly JayK and Tatsuhiko Miyagawa].
I think I have a working modernized (to the current bleeding edge of
the Auth system) OpenID Credential package:
Catalyst::Authentication::Credential::OpenID. Before I work on docs
and trying to making it tested and bomb-proof I want to check with
all y'all.
It's based on the second generation
Catalyst::Plugin::Authentication::Credential::OpenID from Tatsuhiko
Miyagawa and all the new stuff from Jay Kuri.
So instead of
$c-authenticate_openid()
you have realm based auth
$c-authenticate({ openid_identifier = $claimed_uri }, openid)
I considered including the legacy parts of CPA::Credential::OpenID,
specifically authenticate_openid(), but have come out against it as
too confusing without a big enough user base to justify it. Contrary
arguments are welcome.
The docs and error feedback will note that the store class Null (with
user class User::Hash) is the only built-in supported one. I plan to
add a namespace-preserving data slurp on the OpenID stuff (though I
haven't looked at how/where this will work so it might be wishful
thinking for now) so that arbitrary things like Simple Registration
will be brought in as a sub-hash-ref instead of multiple key-val
pairs at the top of the user object. Perhaps this is where a user
class for OpenID should happen; it would follow the OpenId spec and
refuse to find_user unless the required fields were present.
So, that would mean the package (with two classes, credential and
user) would be released together under the otherwise empty namespace
Catalyst::Authentication::OpenID(???).
Also, OpenID stuff can be difficult, to put it mildly, to debug so
I'd like to put in lots of debug statements. What is (or which module
represents) the current best practice for per module debug handling
so it can be toggled (in the config?)?
Related:
http://openid.net/specs/openid-simple-registration-extension-1_0.html
Do the name change and general direction sound right?
-Ashley
--
PS: 바보 to that thread.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Usage of $c-uri_for and $c-res-redirect
On Mar 26, 2008, at 1:31 PM, Dustin Suchter wrote: Can you directly control the port you redirect to? Part of my problem is having consistency between the production and test environments, which operate on 80/443 and 3000/3000 respectively. Don't see why not. Just add in $c-config magick or whatnot as necessary. perldoc URI use URI; my $u = URI-new(http://example.com;); print $u, $/; $u-port(3000); $u-scheme(https); print $u, $/; -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] external javascript files
On Mar 24, 2008, at 2:43 PM, Jennifer Ahn wrote: i'm tyring to call my external javascript library under myapp/root/ src/myjavascript.js in my tt2 file by placing this line at the top of the tt2 file: script language=Javascript src=/myjavascript.js type=text/ javascript/script The language attribute is, IIRC, deprecated in all current X?HTML. It's best to use uri_for() with pretty much everything. It lets you do your app in a number of different ways while resolving resources correctly. So– script src=[% c.uri_for(/myjavascript.js) %] type=text/ javascript/script I have also started to make URIs relative this way when possible/ allowed– script src=[% c.uri_for(/myjavascript.js).path %] type=text/ javascript/script It's best to setup your server to serve this kind of resource instead of your app if/when you can. Check the advent calendars and tutorial docs for examples of that. You'll probably want your js files in your static path to make this easier. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst controllers - can they be created without catalyst.pl helper script?
On Mar 20, 2008, at 12:12 PM, Devin Austin wrote:
I was playing around the other day when I tried to create a simple
controller with out using the Catalyst.pl helper script. It wasn't
loaded when I restarted my devel server, so I figured that there
must be a dispatch table somewhere storing the names of the
Controller files, and that table is edited by the helper script.
Is this correct? Or is there some other method used to create
controllers? Also, does one *have* to use the helper script to
create controllers/models/views?
There's no dispatch table outside of the Controller tree. You don't
have to use the helpers at all but you do have to include an
attribute declaration for actions to be found. Making a controller of
Foo.pm with an action of bar-
This won't be found-
sub bar {}
This will be (at /foo/bar)-
sub bar : Local {}
You also don't need to manually restart the dev server if you launch
it with the -r flag. It will pick-up changes in your tree and restart
for you.
One of the main advantages, to me, of the helpers is that they stub
tests for you.
-Ashley___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Automatically uri_unescape parameters
On Mar 17, 2008, at 1:53 PM, Alex Povolotsky wrote: So far I can tell only that SOMETIMES it does not escape it properly. I'm heavily pressed by missing deadline, but I'll make a test case and send it to you. This sounds like you are double encoding URIs in some situations without realizing it. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst and Shibboleth authentication
On Mar 15, 2008, at 10:22 AM, Alex Povolotsky wrote: Mike Whitaker wrote: On 14 Mar 2008, at 19:00, Kirby Krueger wrote: Greetings, I'm writing a new web application, and have decided to jump into Catalyst (because I am smart.) One thing that Catalyst seems to do well is have a good mechanism for plugging in standard approaches to things. Here at the University of Washington, we use a project called 'Shibboleth' for authentication: http://shibboleth.internet2.edu/ I dunno exactly what Shibboleth does, but if the notes on dealing with external single sign on (http://catwiki.toeat.com/ gettingstarted/tutorialsandhowtos/sso_authentication) are any help, steal away :) (JayK did sanity check them for me, and He Should Know :) ) Well, The Whole Thing seems reasonable; however, maybe you'll provide me with some idea on more complex setup? I want to AUTHENTICATE users via some external SSO, but KEEP users once they've been authenticated into database. I have (still) no good idea on interaction of Realm, Password and Store... This might be a way to approach it: http://openid.net/specs/openid- simple-registration-extension-1_1-01.html Use OpenID to authenticate and the simple registration protocol to save their info in your own DB (in this case there would be no local password saved, the realm would always be the OpenID path and I'm not sure how you'd connect that with your local store. OpenID accounts are free at several sites so it's not a high barrier to entry. There is a family of CPAN modules by Brad Fitzpatrick and I think one or two OpenID plugins for Cat. The protocol is pretty simple but hacking on it can be very confusing and can make certain setups tricky (I chased a bug for 10 hours doing the stuff b/c I stupidly had the id server address set to / when the real resource was /index.pl). -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: [again] die() in an action chain : does not break the chain !
[snipped a bit from below] Which brings me to `halt`. Suggested plugin name: HaltRequest I think this is quite nice; HaltRequest and halt(). I'll wait a couple of days, maybe try to write some tests, to see if there is more feedback and then give it a try. On Mar 15, 2008, at 2:28 AM, Aristotle Pagaltzis wrote: * Ashley [EMAIL PROTECTED] [2008-03-15 06:15]: While we're on the topic. How abhorrent/stupid is this? $c-die(); # or $c-die(Dying is easy, comedy is hard); I'd really like something like this. I could go for $c-fatal() too. fatal_error() is nice and descriptive but I lean toward something shorter if it can be agreed upon. FWIW, I based it on the feel of `error_out`. It should convey, /somehow/, that it's circumventing further processing excepting the end. die feels intuitive and is super easy to type but it seems too loaded. At first I was going to suggest `abort`. It’s too ambiguous tho: the verb is both transitive and intransitive, and it’s not clear that the latter sense is meant. Also if used transitively it’d be unclear whether it’s like `forward`/`detach` in that it takes an action, or if it expects a different kind of argument. It would have to be `abort_with_msg` or something; but that’s a good deal worse than `fatal_error`. Then I thought of `fail`. That does not suffer from these problems and is almost as short as `die`. It’s somewhat loaded, though, even though in a very different way from `die` (particularly for Perl programmers). Not every case where one wants to abort the request processing is a failure. That would suggest something like `stop`. But that has much the same linguistic ambiguity problems as `abort`, if not to the same degree (because it doesn’t have quite as many connotations in programming as `abort`). But it says a little too little about what is being stopped. It’s not necessarily clear that it means stopping the request processing as opposed to stopping whatever else one might stop. Maybe `quit`? The problem with that is that it suggests that the Cat app terminates altogether. Other than that it would seem like a good candidate, because I think the connotation of quitting in computing makes it quite clear that this wouldn’t expect an action as an argument, say. Which brings me to `halt`. As far as I can tell, that suffers from none of the problems with any of the other options. It has a strong connotation of “halt processing” in computing and it’s very clear that it is intransitive, and unlike `fail` it doesn’t make a strong suggestion about whether the outcome is desirable, although it is negatively connoted. As a bonus, it’s word you can imagine a burly German yelling. Suggested plugin name: HaltRequest Regards, -- Aristotle Pagaltzis // http://plasmasturm.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] [again] die() in an action chain : does not break the chain !
I've been threatening for more than a year to write a plugin to do this.
I wrote to ask for CPAN/method name suggestions, Aristotle gave me
good advice
which I'll have to dig up.
If you want to do it yourself you would just put a new method which dies
and detaches. Then in your examples below you'd call
$c-error_out() (I think this is my original stupid name which Aristotle
tried to save us all from) and it would throw your exception (or perhaps
something out of $c-errors) and $c-detach(end)... maybe. It's been
a year since I looked at it though I think it's a good idea.
-Ashley
On Mar 14, 2008, at 12:54 AM, Dami Laurent (PJ) wrote:
Hello list,
Sorry, I already asked the same question a couple of days ago, but
probably I was not clear enough.
My problem is that if there is an exception at the entry point of an
action chain, processing nevertheless continues until the endpoint of
the chain.
Consider for example the following action chain :
sub one : Chained(/) :PathPart(one) :CaptureArgs(0) {
my ($self, $c) = @_;
$c-{stash}{msg} = start_work;
die die in one;
}
sub two : Chained(one) :PathPart(two) :CaptureArgs(0) {
my ($self, $c) = @_;
$c-{stash}{msg} .= , . $self-expensive_work($c);
die die in two;
}
sub three : Chained(two) :PathPart(three) :Args(0) {
my ($self, $c) = @_;
$c-{stash}{msg} .= , . $self-expensive_work($c) . again;
die die in three;
$c-response-body($c-stash-{msg});
}
sub expensive_work {
my ($self, $c) = @_;
return this took me a long time;
}
and the following finalize_error function :
sub finalize_error {
my ($c) = @_;
my $body = got errors : . join (\n, @{$c-error})
. \nand message was :\n . $c-stash-{msg};
$c-response-body($body);
}
This yields
got errors : Caught exception in
Cata_exceptions::Controller::Root-one die in one at
D:/Temp/Cata_exceptions/scripts/../lib/Cata_exceptions/Controller/
Root.p
m line 22.
Caught exception in Cata_exceptions::Controller::Root-two die
in two
at
D:/Temp/Cata_exceptions/scripts/../lib/Cata_exceptions/Controller/
Root.p
m line 28.
Caught exception in Cata_exceptions::Controller::Root-three die in
three at
D:/Temp/Cata_exceptions/scripts/../lib/Cata_exceptions/Controller/
Root.p
m line 35.
and message was :
start_work, this took me a long time, this took me a long time again
Now the question is : how to avoid calling expensive_work() ? Is
there a
way to tune up the chaining mechanism so that it would automatically
detach() at the first exception ?
Thanks in advance, Laurent Dami
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst best practices - exceptions
On Mar 14, 2008, at 5:09 AM, Ian Sillitoe wrote: I'm curious about catalyst best practices regarding exceptions. FWIW I found the following links outline a neat way of handling Exceptions (i.e. tying additional functionality to typical HTTP headers) and I'm currently using this model (not Model) in my application. http://bricas.vox.com/library/post/catalyst-exceptionclass.html http://bricas.vox.com/library/post/catalyst-exceptionclass-detach.html I can't seem to find an enormous amount of discussion on the topic - I wondered if anyone had any strong opinions on the matter? this method in particular? whether this article should be slurped into an entry on the new wiki? It looks pretty nice. It's doing a lot of things that Catalyst already does; setting status, throwing exceptions. Since Cat catches all your exceptions and you have to deal with stuff in the end() anyway, my version does all the error checking and such then and I throw my exceptions with: die RC_401: blah, blah, blah. The end() error catcher looks for the RC_[status_code] and uses HTTP::Status to return the name. I posted a snippet of it to the list almost 2 years ago, I think, but those messages don't seem to be in the archive. Someone also has a plugin to do some of this; the name escapes me. I print the error stack (I have two versions, one regular errors, one that shows the guts of StackTrace) with the status message if the app is running under debug so that users just see 404 Not found: /asdf/ asf/asdf and developers see the works. Since there can be many errors thrown (as Laurent Dami is asking in another thread), normal users just get the first error thrown out of $c-errors. Developers get the whole mess in case it matters. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: [again] die() in an action chain : does not break the chain !
On Mar 14, 2008, at 1:36 PM, Aristotle Pagaltzis wrote: Hi Ashley, * Ashley [EMAIL PROTECTED] [2008-03-14 16:40]: I've been threatening for more than a year to write a plugin to do this. I wrote to ask for CPAN/method name suggestions, Aristotle gave me good advice which I'll have to dig up. you mean this: * Aristotle Pagaltzis [EMAIL PROTECTED] [2007-07-17 00:25]: I’d rather call it FatalErrorThrow and the method would be `fatal_error`, I think. Bit less than a year, it turns out. :-) Ah, but I didn't say who I was threatening or when the threats began or if the restraining order might still be in force. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: [again] die() in an action chain : does not break the chain !
On Mar 14, 2008, at 1:36 PM, Aristotle Pagaltzis wrote:
* Ashley [EMAIL PROTECTED] [2008-03-14 16:40]:
I've been threatening for more than a year to write a plugin to
do this. I wrote to ask for CPAN/method name suggestions,
Aristotle gave me good advice which I'll have to dig up.
you mean this:
* Aristotle Pagaltzis [EMAIL PROTECTED] [2007-07-17 00:25]:
I’d rather call it FatalErrorThrow and the method would be
`fatal_error`, I think.
While we're on the topic. How abhorrent/stupid is this?
$c-die();
# or
$c-die(Dying is easy, comedy is hard);
I'd really like something like this. I could go for $c-fatal() too.
fatal_error() is nice and descriptive but I lean toward something
shorter if it can be agreed upon.
It should convey, /somehow/, that it's circumventing further processing
excepting the end. die feels intuitive and is super easy to type but
it seems too loaded. Please give me insight, sanction, corrections,
spankings, declarations regarding how I'll never work in this town
again et cetera and so forth.
The code below is *barely* tested.
package Catalyst::Plugin::Die;
use strict;
use warnings;
BEGIN {
no strict vars;
push(@ISA, $Catalyst::Exception::CATALYST_EXCEPTION_CLASS ||
'Catalyst::Exception::Base');
}
sub die : method {
my $self = shift;
my %params = @_ == 1 ? ( error = $_[0] ) : @_;
my $message = $params{message} || $params{error} || $! ||
Catalyst::Plugin::Die-die called;
eval { $self-throw($message) };
$self-error($@ || Unknown error in Catalyst::Plugin::Die-die);
$self-NEXT::die(@_);
$self-detach; # $self-detach(end) ???
}
1;
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: implementing ajax
One JSON security tangent worth knowing:
http://bob.pythonmac.org/archives/2007/04/05/fortify-javascript-
hijacking-fud/
Why I mentioned earlier, wrap it in {}.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] implementing ajax
On Mar 12, 2008, at 11:55 AM, Matt Pitts wrote:
My argument is this: if you want to return sensitive data for an AJAX
app doing so using eval-able JS or even pure JSON increases the risk
that your data could be hijacked via cross-site attacks.
Like everything else it's only risky if you do it wrong. Always wrap
it in {}. Enforce authn/authz; even the suggestion that you might
not is horrific/ludicrous. Know what you're sending. Don't let users
put code on your site in their data. All the usual suspects from there.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] So, what do we want in the -next- book?
On Mar 10, 2008, at 8:55 AM, Jonathan Rockway wrote: Writing documentation gets them nothing; they already know how to use Catalyst, so they're not helping themselves in any way. I completely agree with your other points, but the above is untrue. Better docs can mean the life or death of a Catalyst project *and* especially of Catalyst adoption. No adoption means no community, no book buyers, and you see the cascade. I'm a position now where it could go either way for Catalyst and I'm the only one in the shop with experience with it. There is a lot of trepidation about being able to even maintain the code I'm writing. Better docs gains fans and boosters like me. Lack of docs, conflicting docs, etc, gets the opposite. Gets you hiring committees and project managers who cringe when the name of XYZ comes up. To anyone still thinking it's exploitation. Quit being cheap. The cost of a tech book is generally the amount of money you'll make in a single hour working. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] The home page, the wiki and the mailing list
On Mar 8, 2008, at 12:40 AM, Peter Edwards wrote: If you or anyone else would like to volunteer to help: - sign up to the new Wiki at http://catwiki.toeat.com/ - join #catalyst-site on irc.perl.org and ask Speaking of which, is there a recover/reset password feature coming? Some of us dummies start losing track at 200 passwords and forget to write new ones down. :( -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] On authentication again
On Mar 6, 2008, at 9:42 AM, Chisel Wright wrote:
On Thu, Mar 06, 2008 at 06:28:11PM +0100, Felix Antonius Wilhelm
Ostmann wrote:
you are outdated ;)
someone in the channel say we should use:
'Plugin::Authentication' = {
...
}
I'd better add the update to my Roadmap then
Also make sure your plugins are up to date. This is a great but
pretty new change. I switched naming conventions without updating my
plugins and got weird behavior (session worked for exactly one page
load but only after a POST) that was hard to track down.
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] The performance test of 6 leading frameworks
That's a hot tip. Put it in the mojomojo. Even if untested now,
someone will eventually and update it if necessary.
On Feb 29, 2008, at 2:03 PM, Jonathan Rockway wrote:
* On Fri, Feb 29 2008, Dab wrote:
Thank you for your answers
If asked that question is that I make a small application that
takes 3
seconds per request with only one user. It has only 7 tables and uses
a lot of TT.
I forget to use /Template::Stash::XS, (thank /Andy) I will make a
comparison
Rather than guessing, just fire up the profiler (Devel::DProf) and see
what's taking a long time. Then you can speed that part up.
I usually do this:
in Controller::Root:
sub quit :Local { exit(0) if $ENV{MYAPP_EXIT_OK} }
Then:
$ MYAPP_EXIT_OK=1 perl -Ilib -d:DProf script/myapp_server.pl
$ ab -n 1000 http://localhost:3000/slow/page
$ GET http://localhost:3000/quit
$ dprofpp
listing of slow routines
An improvement would be to just add this to your Makefile.PL:
sub MY::postamble {
return EOM;
profile:
\tMYAPP_EXIT_OK=1 perl -Ilib -d:DProf script/myapp_server.pl
\tab -n 1000 http://localhost:3000/slow/page
\tGET http://localhost:3000/quit
\tdprofpp
\trm tmon.out # if you want
EOM
}
Then make profile. Untested.
Regards,
Jonathan Rockway
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Alphabetical Paging based on First Letter
On Feb 27, 2008, at 3:50 PM, Matt Knesi wrote: I would like to implement a page navigation based on the first letter of the items, e.g. first letter of last names, so all last names with 'A' will display when you click on 'A' (instead of page 1) and all last names starting with 'M' appear when you click on 'M' and so on... Only the initials that are actually present in the database should be displayed for paging navigation, so if there is NO last name starting with 'X', 'X' shouldn't show up in the navigation line. I've done this with a dictionary application. You could do a relationship to a letter. So say name has_one letter, letter has_many names. Or what I've done a couple of times is make letter a field in the target table (word for me, name for you) and just keep the letter or # for a leading number/special and make it an index so it's fast to lookup. -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Distributed session storage problems/questions [SOLVED]
On Feb 21, 2008, at 11:18 AM, Matt Pitts wrote: One was running: Catalyst::Authentication::Store::DBIx::Class 0.104 And the other: Catalyst::Plugin::Authentication::Store::DBIx::Class 0.10 This is the whole reason I'm moving to PAR-based deployments. Another good way to keep this sort of thing from biting besides turning it into a PAR is to keep a current Makefile which exactly reflects the changes/upgrades. Then when you deploy, you can run it and the tests against it and quickly see if your modules are out of sync or exactly where your environments differ. Parts of Catalyst and DBIC are still moving a bit quickly and without being specific about versions you will get breakage. [My last one turned out to be out of sync plugin stuff where the dev side used the new/better config key pattern of Plugin::... but it broke in production where things were a single version older and only supported the older key style.] -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
