Erica web application framework

logo of erica, a pygmy goat

Introduction

There are quite a few good Python based web application frameworks available (Zope, CherryPy, Django to name a few) but they all focus on providing a fairly complete framework that performs well and is very versatile. These are desirable features of course but implementing this well comes with a price: complexity. It might be fairly simple to install and use these frameworks but really understanding them is not that easy. What I am looking for is a framework that can be thoroughly understood in little time so that we may focus on the how to implement important aspects of a web application framework and learn from the experience.

The Erica web application framework is my attempt at providing a step by step documented implementation of a web application server in Python. These pages document the parts we develop and you may want to follow along on my Start Small blog, which is also open for comments.

Design goals

In designing and implementing our framework we focus on

Simplicity
Everybody must be able to understand what is done and how it is done. This also implies we will not tackle subject like threading for example.
Security
To protect the data inside the web application and to ensure availability security should be a prime concern. Security is not something you add later so it will be one of the primary focus points.
Self sufficiency
We will use Python's Batteries Included philosophy to the fullest and use the bundled modules as much as possible. This not only frees us from external dependencies but because this is about understanding a web application framework we will build what is not provided.
The only thing that you will need to follow along is a working Python 3.x distribution and a web browser to interact with your web applications.

Topics

Some of the topics we will cover are listed below. Each will probably have it's own dedicated page and Blog entries and more topics might be added in the future. As this is a work in progress not all details are filled in yet.

Serving HTTP requests in a safe manner

How to implement a basic application server with rigorous input checking.

Sessions

How to safely implement session management.

Authentication

Adding basic authentication

Forms

How to display and process forms

Modules

An Address plugin for jQuery Mobile A SelectorImage plugin for jQuery Mobile

Blog articles

Propagating Python function annotations through decorators Implementing POST method handling in a web application server Function annotations in Python, checking parameters in a web application server , part II Function annotations in Python, checking parameters in a web application server

Relevant sites

Python Security.org