WebDev Python WSGI
2014-03-01
- https://peps.python.org/pep-3333/
- http://wsgi.tutorial.codepoint.net/
- https://wsgi.readthedocs.io/en/latest/index.html
- https://en.wikipedia.org/wiki/Web_Server_Gateway_Interface
The Web Server Gateway Interface (WSGI, pronounced whiskey or WIZ-ghee) is a simple calling convention for web servers to forward requests to web applications or frameworks written in the Python programming language.
The current version of WSGI, version 1.0.1, is specified in Python Enhancement Proposal (PEP) 3333.
Web 服务器网关接口(WSGI,发音为威士忌或 WIZ-ghee)是一种简单的调用约定,用于将请求转发到用 Python 编写的 Web 应用程序或框架的 Web 服务器。
当前版本的 WSGI,即 1.0.1 版本,由 Python 增强提案(PEP)3333 指定。
WSGI was originally specified as PEP-333 in 2003.
PEP-3333, published in 2010, updates the specification for Python 3.
WSGI 最初是在 2003 年的 PEP-333 中指定的。
2010 年发布的 PEP-3333 更新了 Python 3 的规范。
Background
In 2003, Python web frameworks were typically written against only CGI, FastCGI, mod_python, or some other custom API of a specific web server. To quote PEP 333:
2003 年,Python Web 框架通常只针对 CGI、FastCGI、mod_python 或某些特定 Web 服务器的其他自定义 API 编写。引用 PEP 333 的话:
Python currently boasts a wide variety of web application frameworks, such as Zope, Quixote, Webware, SkunkWeb, PSO, and Twisted Web -- to name just a few. This wide variety of choices can be a problem for new Python users, because generally speaking, their choice of web framework will limit their choice of usable web servers, and vice versa... By contrast, although Java has just as many web application frameworks available, Java's "servlet" API makes it possible for applications written with any Java web application framework to run in any web server that supports the servlet API.
Python 目前拥有众多 Web 应用程序框架,例如 Zope、Quixote、Webware、SkunkWeb、PSO 和 Twisted Web 等等。这种广泛的选择可能会成为新 Python 用户的问题,因为一般来说,他们选择的 Web 框架将限制他们可用的 Web 服务器的选择,反之亦然……相比之下,尽管 Java 也拥有同样多的 Web 应用程序框架,但 Java 的“servlet”API 使得使用任何 Java Web 应用程序框架编写的应用程序都能在支持 servlet API 的任何 Web 服务器中运行。
WSGI was thus created as an implementation-neutral interface between web servers and web applications or frameworks to promote common ground for portable web application development.
因此,WSGI 被创建为实现中立的 Web 服务器和 Web 应用程序或框架之间的接口,以促进可移植 Web 应用程序的开发和共同基础。
Specification overview
The WSGI has two sides:
WSGI 有两个方面:
- the server/gateway side. This is often running full web server software such as Apache or Nginx, or is a lightweight application server that can communicate with a webserver, such as flup.
服务器/网关方面。这通常运行完整的 Web 服务器软件,例如 Apache 或 Nginx,或者是可以与 Web 服务器通信的轻量级应用程序服务器,例如 flup。
- the application/framework side. This is a Python callable, supplied by the Python program or framework.
应用程序/框架方面。这是由 Python 程序或框架提供的 Python 可调用对象。
Between the server and the application, there may be one or more WSGI middleware components, which implement both sides of the API, typically in Python code.
在服务器和应用程序之间,可能会有一个或多个WSGI 中间件组件,它们在 Python 代码中实现了 API 的两个方面。
WSGI does not specify how the Python interpreter should be started, nor how the application object should be loaded or configured, and different frameworks and webservers achieve this in different ways.
WSGI 不指定 Python 解释器应如何启动,也不指定应用程序对象如何加载或配置,不同的框架和 Web 服务器以不同的方式实现这些功能。
WSGI middleware
A WSGI middleware component is a Python callable that is itself a WSGI application, but may handle requests by delegating to other WSGI applications. These applications can themselves be WSGI middleware components.
一个 WSGI 中间件组件是一个 Python 可调用对象,它本身是一个 WSGI 应用程序,但可以通过委托给其他 WSGI 应用程序来处理请求。这些应用程序本身可以是 WSGI 中间件组件。
A middleware component can perform such functions as:
中间件组件可以执行以下功能:
- Routing a request to different application objects based on the target URL, after changing the environment variables accordingly.
根据目标 URL 将请求路由到不同的应用程序对象,同时相应地更改环境变量。
- Allowing multiple applications or frameworks to run side-by-side in the same process
允许多个应用程序或框架在同一进程中并行运行。
- Load balancing and remote processing, by forwarding requests and responses over a network
负载均衡和远程处理,通过网络转发请求和响应。
- Performing content post-processing, such as applying XSLT stylesheets
执行内容后处理,例如应用 XSLT 样式表。
Examples
Example application
A WSGI-compatible "Hello, World!" application written in Python:
def application(environ, start_response):
start_response('200 OK', [('Content-Type', 'text/plain')])
yield b'Hello, World!\n'
Where:
- Line 1 defines a function named
application, which takes two parameters, environ and start_response. environ is a dictionary containing CGI environment variables as well as other request parameters and metadata under well-defined keys. start_response is a callable itself, taking two positional parameters, status and response_headers.
第 1 行定义了一个名为 application 的函数,它接受两个参数 environ 和 start_response。environ 是一个包含 CGI 环境变量以及其他请求参数和元数据的字典,这些参数和元数据在定义良好的键下。start_response 本身是一个可调用对象,接受两个位置参数,status 和 response_headers。
- Line 2 calls
start_response, specifying "200 OK" as the HTTP status and a "Content-Type" response header.
第 2 行调用 start_response,指定 "200 OK" 作为 HTTP 状态和 "Content-Type" 响应头。
- Line 3 makes the function into a generator. The body of the response is returned as an iterable of byte strings.
第 3 行将函数转换为生成器。响应正文被返回为一个字节串的可迭代对象。
Example of calling an application
A full example of a WSGI network server is outside the scope of this article. Below is a sketch of how one would call a WSGI application and retrieve its HTTP status line, response headers, and response body, as Python objects. Details of how to construct the environ dict have been omitted.
完整的 WSGI 网络服务器示例不再本文范围之内。以下只是一个 Demo,说明如何调用 WSGI 应用程序并检索其 HTTP 状态行、响应头和响应正文,作为 Python 对象。如何构造 environ 字典的详细信息已被省略。
from io import BytesIO
def call_application(app, environ):
status = None
headers = None
body = BytesIO()
def start_response(rstatus, rheaders):
nonlocal status, headers
status, headers = rstatus, rheaders
app_iter = app(environ, start_response)
try:
for data in app_iter:
assert status is not None and headers is not None, \
"start_response() was not called"
body.write(data)
finally:
if hasattr(app_iter, 'close'):
app_iter.close()
return status, headers, body.getvalue()
environ = {...} # "environ" dict
status, headers, body = call_application(app, environ)
PEP 3333
PEP 3333 引入了一些新特性和更严格的规范,以提高 Python Web 应用程序的可移植性和互操作性。其中一些变化包括:
- 强制要求 WSGI 服务器和应用程序使用相同的字符编码。
- 确保应用程序能够正确处理 HTTP 头部中的 Unicode 值。
- 对异常处理进行了更好的规范,以允许更好的错误处理和调试。
- 更好地定义了 WSGI 环境变量,以提供更一致的行为。
此外,PEP 3333 还引入了一些新的建议,包括使用可选的服务器和客户端请求信息,提供更好的错误处理和日志记录,以及更好地处理请求和响应的二进制数据。
Linux
2014-02-27
文件类型
-, 普通文件l, 链接文件d, 目录c, 字符设备文件b, 块设备文件p, 管道文件s, Sockett, 特殊文件
基础
- 权限类型:
- r,读 4
- w,写 2
- x,可执行 1
- 用户类型:
- user, 文件所有者
- group, 文件所有组的所有用户
- other,其他用户
目录的权限
- r: 列出目录下的文件(
ls)
- w: 在目录中,创建、删除、重命名文件或子目录
- x: 进入目录(
cd)
示例
touch /tmp/testPerm
chmod 7777 /tmp/testPerm
ll /tmp/testPerm
-rwsrwsrwt 1 markjour markjour 0 2014-02-27 17:41:06 /tmp/testPerm
Linux 权限的两种表示方法:
- 数字:
- 字母:
第一位表示文件类型
第 2 - 4 位表示文件所有者的权限
第 5 - 7 位表示文件所有组的权限
第 8 - 10 位表示其他用户的权限
特殊权限
Linux 中的权限一共用 12 位来表示,除了上面 u g o 各 3 位(rwx)一共 9 位之外,还有 3 位:
$ ls -alh /bin/ | grep rws
-rwsr-sr-x 1 daemon daemon 55K 2022-04-14 08:23:36 at
-rwsr-xr-x 1 root root 72K 2022-11-24 20:05:18 chfn
-rwsr-xr-x 1 root root 44K 2022-11-24 20:05:18 chsh
-rwsr-xr-x 1 root root 35K 2022-03-23 21:53:14 fusermount3
-rwsr-xr-x 1 root root 71K 2022-11-24 20:05:18 gpasswd
-rwsr-xr-x 1 root root 47K 2023-04-07 06:21:06 ksu
-rwsr-xr-x 1 root root 47K 2022-02-21 09:49:57 mount
-rwsr-xr-x 1 root root 28K 2022-11-24 20:05:18 newgidmap
-rwsr-xr-x 1 root root 40K 2022-11-24 20:05:18 newgrp
-rwsr-xr-x 1 root root 28K 2022-11-24 20:05:18 newuidmap
-rwsr-xr-x 1 root root 31K 2022-02-07 21:05:06 nvidia-modprobe
-rwsr-xr-x 1 root root 59K 2022-11-24 20:05:18 passwd
-rwsr-xr-x 1 root root 31K 2022-02-26 19:11:57 pkexec
-rwsr-xr-x 1 root root 55K 2022-02-21 09:49:57 su
-rwsr-xr-x 1 root root 227K 2023-04-04 02:00:44 sudo
-rwsr-xr-x 1 root root 35K 2022-02-21 09:49:57 umount
$ find /bin/ -type f -perm /4000 -ls
7342874 36 -rwsr-xr-x 1 root root 35200 Mar 23 2022 /bin/fusermount3
7352563 28 -rwsr-xr-x 1 root root 28136 Nov 24 2022 /bin/newuidmap
7341794 32 -rwsr-xr-x 1 root root 30872 Feb 26 2022 /bin/pkexec
7347918 36 -rwsr-xr-x 1 root root 35192 Feb 21 2022 /bin/umount
7347747 48 -rwsr-xr-x 1 root root 47480 Feb 21 2022 /bin/mount
7344663 28 -rwsr-xr-x 1 root root 28136 Nov 24 2022 /bin/newgidmap
7349993 72 -rwsr-xr-x 1 root root 72072 Nov 24 2022 /bin/gpasswd
7350008 60 -rwsr-xr-x 1 root root 59976 Nov 24 2022 /bin/passwd
7347439 228 -rwsr-xr-x 1 root root 232416 Apr 4 02:00 /bin/sudo
7344105 32 -rwsr-xr-x 1 root root 30936 Feb 7 2022 /bin/nvidia-modprobe
7345135 56 -rwsr-xr-x 1 root root 55672 Feb 21 2022 /bin/su
7347241 72 -rwsr-xr-x 1 root root 72712 Nov 24 2022 /bin/chfn
7352704 40 -rwsr-xr-x 1 root root 40496 Nov 24 2022 /bin/newgrp
7347300 44 -rwsr-xr-x 1 root root 44808 Nov 24 2022 /bin/chsh
7382902 48 -rwsr-xr-x 1 root root 47416 Apr 7 06:21 /bin/ksu
7343017 56 -rwsr-sr-x 1 daemon daemon 55624 Apr 14 2022 /bin/at
$ find /bin/ -type f -perm /2000 -ls
7342246 16 -rwxr-sr-x 1 root root 15504 Jan 12 2022 /bin/dotlock.mailutils
7347219 72 -rwxr-sr-x 1 root shadow 72184 Nov 24 2022 /bin/chage
7346616 24 -rwxr-sr-x 1 root tty 22912 Feb 21 2022 /bin/write.ul
7340649 308 -rwxr-sr-x 1 root plocate 313904 Feb 17 2022 /bin/plocate
7341420 40 -rwxr-sr-x 1 root crontab 39568 Mar 23 2022 /bin/crontab
7349934 24 -rwxr-sr-x 1 root shadow 23136 Nov 24 2022 /bin/expiry
7347279 24 -rwxr-sr-x 1 root tty 22904 Feb 21 2022 /bin/wall
7345047 288 -rwxr-sr-x 1 root _ssh 293304 Nov 23 2022 /bin/ssh-agent
7343017 56 -rwsr-sr-x 1 daemon daemon 55624 Apr 14 2022 /bin/at
https://en.wikipedia.org/wiki/Setuid
https://en.wikipedia.org/wiki/Sticky_bit
https://web.archive.org/web/20130204053849/http://content.hccfl.edu/pollock/aunix1/filepermissions.htm
操作
chown 更改文件所有者和文件所有组chgrp 更改文件所有组chmod 更改权限
chmod 755 filePath
chmod 644 filePath
chmod u+x filePath
chmod g+r filePath
chmod o+w filePath
chmod a+r filePath
