garter: Update documentation.
author |
Steve Losh <steve@stevelosh.com> |
date |
Tue, 04 May 2010 23:03:17 -0400 |
parents |
ca20cf1cb90b
|
children |
84e309e1aa3a
|
branches/tags |
(none) |
files |
garter/csrf.html garter/index.html garter/lesscss.html garter/urls.html |
Changes
--- a/garter/csrf.html Tue May 04 22:59:21 2010 -0400
+++ b/garter/csrf.html Tue May 04 23:03:17 2010 -0400
@@ -66,20 +66,27 @@
<h1><a href="">CSRF Protection</a></h1>
-<p>The internet is a dangerous place. One common type of attack your site's users can fall victim to is <a href="http://www.squarefree.com/securitytips/web-developers.html#CSRF">Cross-site Request Forgery</a> attacks.</p>
-<p>Garter provides a simple way to guard against these attacks, based on <a href="http://flask.pocoo.org/snippets/3/">this snippet</a> from the Flask snippet site.</p>
-<p>To activate CSRF protection for your Flask application you need to do two things. First, call Garter's <code>csrf</code> function with your Flask app as a parameter:</p>
+<p>The internet is a dangerous place. One common type of attack your site's users
+can fall victim to is <a href="http://www.squarefree.com/securitytips/web-developers.html#CSRF">Cross-site Request Forgery</a> attacks.</p>
+<p>Garter provides a simple way to guard against these attacks, based on <a href="http://flask.pocoo.org/snippets/3/">this
+snippet</a> from the Flask snippet site.</p>
+<p>To activate CSRF protection for your Flask application you need to do two
+things. First, call Garter's <code>csrf</code> function with your Flask app as a
+parameter:</p>
<div class="codehilite"><pre><span class="kn">from</span> <span class="nn">garter.csrf</span> <span class="kn">import</span> <span class="n">csrf</span>
<span class="n">csrf</span><span class="p">(</span><span class="n">app</span><span class="p">)</span>
</pre></div>
-<p>Once you do that you'll need to add a CSRF token to every form on your site that makes an HTTP <code>POST</code> request:</p>
+<p>Once you do that you'll need to add a CSRF token to every form on your site
+that makes an HTTP <code>POST</code> request:</p>
<div class="codehilite"><pre><span class="nt"><input</span> <span class="na">type=</span><span class="s">"hidden"</span> <span class="na">value=</span><span class="s">"{{ csrf_token() }}"</span><span class="nt">></span>
</pre></div>
-<p>If you have certain views that need to be excluded from this protection (perhaps they receive <code>POST</code> requests from a third-party site) you can use the <code>csrf_exempt</code> decorator to disable protection:</p>
+<p>If you have certain views that need to be excluded from this protection
+(perhaps they receive <code>POST</code> requests from a third-party site) you can use the
+<code>csrf_exempt</code> decorator to disable protection:</p>
<div class="codehilite"><pre><span class="kn">from</span> <span class="nn">garter.csrf</span> <span class="kn">import</span> <span class="n">csrf</span><span class="p">,</span> <span class="n">csrf_exempt</span>
<span class="nd">@csrf_exempt</span>
@@ -91,7 +98,9 @@
</pre></div>
-<p>If for some reason you want to know <em>when</em> a CSRF attack happens, you can pass a function to the <code>csrf</code> call and it will be called whenever Garter detects an attack:</p>
+<p>If for some reason you want to know <em>when</em> a CSRF attack happens, you can pass
+a function to the <code>csrf</code> call and it will be called whenever Garter detects an
+attack:</p>
<div class="codehilite"><pre><span class="kn">from</span> <span class="nn">garter.csrf</span> <span class="kn">import</span> <span class="n">csrf</span>
<span class="n">attacks</span> <span class="o">=</span> <span class="mi">0</span>
@@ -109,7 +118,8 @@
<li><strong>arguments</strong> - The arguments that would normally be passed (if any) to that
view.</li>
</ul>
-<p>You can use this function to do anything you like; counting attacks is just a simple example.</p>
+<p>You can use this function to do anything you like; counting attacks is just a
+simple example.</p>
--- a/garter/index.html Tue May 04 22:59:21 2010 -0400
+++ b/garter/index.html Tue May 04 23:03:17 2010 -0400
@@ -60,7 +60,9 @@
<h1 id="splash-logo">Garter</h1>
-<div id="logo"><a href=""><img src="/media/images/logo.png"/></a></div>
+<div id="logo">
+ <a href=""><img src="http://sjl.bitbucket.org/sjl/garter/media/images/logo.png"/></a>
+</div>
<p><a href="http://sjl.bitbucket.org/garter/">Garter</a> is a collection of small utilities that makes creating webapps with
<a href="http://flask.pocoo.org/">Flask</a> easier.</p>
--- a/garter/lesscss.html Tue May 04 22:59:21 2010 -0400
+++ b/garter/lesscss.html Tue May 04 23:03:17 2010 -0400
@@ -70,22 +70,28 @@
can be a pain to run <code>lessc --watch static/style.less</code> every time you want to
work on your styles. It gets even worse when you have more than one <code>.less</code>
file.</p>
-<p>Garter provides a function that will automatically re-render <code>.less</code> files into CSS before each request if they've changed.</p>
-<p>You can activate it by calling the <code>lesscss</code> function with your Flask app as a parameter:</p>
+<p>Garter provides a function that will automatically re-render <code>.less</code> files
+into CSS before each request if they've changed.</p>
+<p>You can activate it by calling the <code>lesscss</code> function with your Flask app as a
+parameter:</p>
<div class="codehilite"><pre><span class="kn">from</span> <span class="nn">garter.lesscss</span> <span class="kn">import</span> <span class="n">lesscss</span>
<span class="n">lesscss</span><span class="p">(</span><span class="n">app</span><span class="p">)</span>
</pre></div>
-<p>This will watch your app's static media directory and automatically render <code>.less</code> files into <code>.css</code> files in the same (sub)directory.</p>
-<p>When you deploy your app you might not want to accept the overhead of checking the modification time of your <code>.less</code> and <code>.css</code> files on each request. A simple way to avoid this is wrapping the <code>lesscss</code> call in an <code>if</code> statement:</p>
+<p>This will watch your app's static media directory and automatically render
+<code>.less</code> files into <code>.css</code> files in the same (sub)directory.</p>
+<p>When you deploy your app you might not want to accept the overhead of checking
+the modification time of your <code>.less</code> and <code>.css</code> files on each request. A
+simple way to avoid this is wrapping the <code>lesscss</code> call in an <code>if</code> statement:</p>
<div class="codehilite"><pre><span class="k">if</span> <span class="n">app</span><span class="o">.</span><span class="n">debug</span><span class="p">:</span>
<span class="kn">from</span> <span class="nn">garter.lesscss</span> <span class="kn">import</span> <span class="n">lesscss</span>
<span class="n">lesscss</span><span class="p">(</span><span class="n">app</span><span class="p">)</span>
</pre></div>
-<p>If you do this <em>you'll</em> be responsible for rendering the <code>.less</code> files into CSS when you deploy in non-debug mode to your production server.</p>
+<p>If you do this <em>you'll</em> be responsible for rendering the <code>.less</code> files into
+CSS when you deploy in non-debug mode to your production server.</p>
--- a/garter/urls.html Tue May 04 22:59:21 2010 -0400
+++ b/garter/urls.html Tue May 04 23:03:17 2010 -0400
@@ -66,15 +66,18 @@
<h1><a href="">URL Convenience Functions</a></h1>
-<p>URLs are a pain. Garter tries to help by providing some useful functions to make working with URLs easier.</p>
+<p>URLs are a pain. Garter tries to help by providing some useful functions to
+make working with URLs easier.</p>
<div class="toc">
<ul>
<li><a href="#permalink">permalink</a></li>
</ul>
</div>
<h2 id="permalink">permalink</h2>
-<p>The <code>permalink</code> decorator was taken from
-<a href="http://flask.pocoo.org/snippets/6/">this snippet</a> on the Flask site. It's used to wrap functions so they only need to return the arguments to Flask's <code>url_for</code> function, instead of calling the function themselves.</p>
+<p>The <code>permalink</code> decorator was taken from <a href="http://flask.pocoo.org/snippets/6/">this snippet</a> on the
+Flask site. It's used to wrap functions so they only need to return the
+arguments to Flask's <code>url_for</code> function, instead of calling the function
+themselves.</p>
<p>For example, say you have several classes that represents items on your site:</p>
<div class="codehilite"><pre><span class="kn">from</span> <span class="nn">flask</span> <span class="kn">import</span> <span class="n">url_for</span>