On 12/21/06, Jacob Kaplan-Moss <[EMAIL PROTECTED]> wrote:
...
Again, though, it's not something I really care all that much about; you
shouldn't be using that view in production anyway.
Perhaps non-production stuff should have @non_production decorators
which issue warning.warn's. ;-)
--~--~
On 12/21/06 2:41 AM, Fredrik Lundh wrote:
are you trying to say that Django's static server doesn't filter the URL
before adding it to the document root ?
No, it does
(http://code.djangoproject.com/browser/django/trunk/django/views/static.py#L12);
the warning is there because nobody has ever
I need access control to the media (images in small, medium and full
resolution), is there any point in using another apache instance if i
want to use the django user authentication, or would the whole
mod_python overhead go into memory anyway?
On Dec 20, 7:49 am, "James Bennett" <[EMAIL PROTECT
Ivan Sagalaev wrote:
are you trying to say that Django's static server doesn't filter the
URL before adding it to the document root ?
Sure it doesn't.
so what's the
# Clean up given path to only allow serving files below document_root.
part doing, then ?
--~--~-~--~~--
Fredrik Lundh wrote:
are you trying to say that Django's static server doesn't filter the URL
before adding it to the document root ?
Sure it doesn't. Mainly because there is no such thing as "Django static
server". That view is just a debugging shortcut to let people develop a
site when the
[EMAIL PROTECTED] wrote:
Static servers are usually designed where the URL maps to part of the
file system. You asked earlier why static files (such as css and image
files) should not be stored alongside the scripts. This is because a
clever hacker could guess where you have stored your scripts
hasan_aljudy wrote:
I'm quite new to Django and I ran into this situation yesterday .. in
the end, I went with the {% include "style.css" %} trick, which seems
to be the best solution, because it's the simplest one, and I don't see
any drawbacks to it.
That will work fine. The only drawback i
cwurld wrote:
So when one says "Serve from Django" does that mean use the "view
django.views.static.serve"?
The documentation says that is not secure. Does anyone know what the
security risk is?
Thanks,
Chuck
It's insecure because of the way that dynamic servers behave versus
static servers
So when one says "Serve from Django" does that mean use the "view
django.views.static.serve"?
The documentation says that is not secure. Does anyone know what the
security risk is?
Thanks,
Chuck
--~--~-~--~~~---~--~~
You received this message because you are su
On Dec 20, 9:45 am, "cwurld" <[EMAIL PROTECTED]> wrote:
Thanks for all your replies. I can get things working the way you
recommend, but I am concerned with the way it forces me to separate
parts of my apps and it seems to create unnecessary complexity.
I think it is important to distinguish
The one caveat is that if you need permission control over static
files getting Apache set up correctly can be a major pain in the
butt. In that case, serving from Django may be the easiest way to do it.
Todd
On Dec 20, 2006, at 11:55 AM, [EMAIL PROTECTED] wrote:
Nobody's saying you CAN
Nobody's saying you CAN'T put it in the project, you can serve it from
whereever you want... it's just a bad idea, especially when your css
files are no longer less than 1k. And remember, your images are likely
to be much bigger than 1k.
--~--~-~--~~~---~--~~
You
Thanks for all your replies. I can get things working the way you
recommend, but I am concerned with the way it forces me to separate
parts of my apps and it seems to create unnecessary complexity.
I think it is important to distinguish static items based on size. My
css files tend to be very sm
On Dec 19, 2006, at 10:49 PM, James Bennett wrote:
...
So we generally recommend using a separate instance of Apache (with no
mod_python) or some other web server (lighttpd is very good at this)
to handle serving static CSS files, JavaScript, images, etc.; the
result is *much* more efficient use
On 12/19/06, cwurld <[EMAIL PROTECTED]> wrote:
It seems like I am really missing something here. But based on all the
other questions on css, it seems like many others are just as confused
as I am.
CSS files, JavaScript files, images, audio, video and other things
which are just "files" to be
On 12/19/06, cwurld <[EMAIL PROTECTED]> wrote:
Hi,
I don't understand why css files are special in django. If I have a
template that contains inline style commands, nothing special needs to
be done. But if I put those same commands in a separate file, now that
file needs to be in a special loc
On 20-Dec-06, at 9:49 AM, cwurld wrote:
But if I put those same commands in a separate file, now that
file needs to be in a special location that needs to be handled by
some
special code.
nothing special about css in django - the only thing is that you have
to specify the location (whi
Hi,
I don't understand why css files are special in django. If I have a
template that contains inline style commands, nothing special needs to
be done. But if I put those same commands in a separate file, now that
file needs to be in a special location that needs to be handled by some
special co
18 matches
Mail list logo
