librelist archives

« back to archive

app.route - redirects

app.route - redirects

From:
Lucas Rolff
Date:
2012-12-18 @ 09:53
Hi guys,

I'm sitting with this problem, that when I use multiple app.routes, it 
redirects.

My code looks like following:


@app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
@app.route('/graphs/<container>/<start>', defaults={'end': 
int(time.time())}, methods=['POST', 'GET'])
@app.route('/graphs/<start>', defaults={'container': 'all', 'end': 
int(time.time())}, methods=['POST', 'GET'])
def weekData(container, start, end):
     print app.url_map
     startNumber = int(re.findall('[0-9]+', start)[0])
     if container == "all":
         wherestate = ""
     else:
         wherestate = "AND container='%s'" % container

The problem is, that when using 2nd app.route - like etc
curl http://localhost:9399/graphs/images/123165236

it does a redirect to:
http://localhost:9399/graphs/123165236

I also tried switching those 2 app.routes around, so the one with the 
most 'defaults' is before the middle one.

Does anyone know how to make this work?

Best regards,
Lucas Rolff

Re: [flask] app.route - redirects

From:
Audrius Kažukauskas
Date:
2012-12-18 @ 10:42
On Tue, 2012-12-18 at 10:53:39 +0100, Lucas Rolff wrote:
> The problem is, that when using 2nd app.route - like etc
> curl http://localhost:9399/graphs/images/123165236
> 
> it does a redirect to:
> http://localhost:9399/graphs/123165236
> 
> I also tried switching those 2 app.routes around, so the one with the 
> most 'defaults' is before the middle one.
> 
> Does anyone know how to make this work?

I replicated your routes in a test app with a single method that only
returns its arguments, and no redirects happen, everything just works.
So the issue is somewhere else in your code.

-- 
Audrius Kažukauskas
http://neutrino.lt/

Re: [flask] app.route - redirects

From:
Lucas Rolff
Date:
2012-12-18 @ 12:25
Hello Audrius,

What I find weird, is that when I comment out the last app.route the 
middle app.route starts to work as it should.

Raja from the IRC tried to help out as well yesterday :/

Here is the full code of my script:

import sys, json, collections, time, re, os
sys.path.append('/bigdisk/docs/LIBS/objectstorage/LIBS')
import MySQLdb
from flask import Flask, request, abort, Response

app = Flask(__name__)


@app.route('/graphs', methods=['POST', 'GET'])
def getData():
db = MySQLdb.connect(user='storage', passwd='storage', db='storage', 
host='localhost')
     cursor = db.cursor()

     cursor.execute("select timestamp, data from swift_stats")

     rows = cursor.fetchall()

     cursor.close()
     db.close()

     rowarray_list = []
     for row in rows:
         d = {}
         d['timestamp'] = row[0]
         d['data'] = row[1]
         rowarray_list.append(d)

     j = json.dumps(rowarray_list)
     resp = Response(j, status=200, mimetype='application/json')
     resp.cache_control.no_cache = True
     return resp

@app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
@app.route('/graphs/<container>/<start>', defaults={'end': 
int(time.time())}, methods=['POST', 'GET'])
@app.route('/graphs/<start>', defaults={'container': 'all', 'end': 
int(time.time())}, methods=['POST', 'GET'])
def weekData(container, start, end):
     print app.url_map
     startNumber = int(re.findall('[0-9]+', start)[0])
     if container == "all":
         wherestate = ""
     else:
         wherestate = "AND container='%s'" % container

     db = MySQLdb.connect(user='storage', passwd='storage', 
db='storage', host='localhost')
     cursor = db.cursor()

     cursor.execute("select container, UNIX_TIMESTAMP(uploaded), 
uploading_time from swift_stats WHERE UNIX_TIMESTAMP(uploaded) BETWEEN 
%s AND %s %s;" % (start, end, wherestate))

     rows = cursor.fetchall()

     rowarray_list = []
     for row in rows:
         d = {}
         d['timestamp'] = row[1]
         d['data'] = row[2]
         rowarray_list.append(d)

     j = json.dumps(rowarray_list)
     resp = Response(j, status=200, mimetype='application/json')
     resp.cache_control.no_cache = True

     print container, start, end

     cursor.close()
     db.close()
     return resp


if __name__ == "__main__":
     app.run(host='0.0.0.0', port=9399, debug=True)

> Audrius Kaz(ukauskas <mailto:audrius@neutrino.lt>
> December 18, 2012 11:42 AM
>
> I replicated your routes in a test app with a single method that only
> returns its arguments, and no redirects happen, everything just works.
> So the issue is somewhere else in your code.
>
> Lucas Rolff <mailto:lucas.rolff@spilgames.com>
> December 18, 2012 10:53 AM
> Hi guys,
>
> I'm sitting with this problem, that when I use multiple app.routes, it
> redirects.
>
> My code looks like following:
>
>
> @app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
> @app.route('/graphs/<container>/<start>', defaults={'end':
> int(time.time())}, methods=['POST', 'GET'])
> @app.route('/graphs/<start>', defaults={'container': 'all', 'end':
> int(time.time())}, methods=['POST', 'GET'])
> def weekData(container, start, end):
> print app.url_map
> startNumber = int(re.findall('[0-9]+', start)[0])
> if container == "all":
> wherestate = ""
> else:
> wherestate = "AND container='%s'" % container
>
> The problem is, that when using 2nd app.route - like etc
> curl http://localhost:9399/graphs/images/123165236
>
> it does a redirect to:
> http://localhost:9399/graphs/123165236
>
> I also tried switching those 2 app.routes around, so the one with the
> most 'defaults' is before the middle one.
>
> Does anyone know how to make this work?
>
> Best regards,
> Lucas Rolff
> Lucas Rolff <mailto:lucas.rolff@spilgames.com>
> December 18, 2012 10:53 AM
> Hi guys,
>
> I'm sitting with this problem, that when I use multiple app.routes, it
> redirects.
>
> My code looks like following:
>
>
> @app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
> @app.route('/graphs/<container>/<start>', defaults={'end':
> int(time.time())}, methods=['POST', 'GET'])
> @app.route('/graphs/<start>', defaults={'container': 'all', 'end':
> int(time.time())}, methods=['POST', 'GET'])
> def weekData(container, start, end):
> print app.url_map
> startNumber = int(re.findall('[0-9]+', start)[0])
> if container == "all":
> wherestate = ""
> else:
> wherestate = "AND container='%s'" % container
>
> The problem is, that when using 2nd app.route - like etc
> curl http://localhost:9399/graphs/images/123165236
>
> it does a redirect to:
> http://localhost:9399/graphs/123165236
>
> I also tried switching those 2 app.routes around, so the one with the
> most 'defaults' is before the middle one.
>
> Does anyone know how to make this work?
>
> Best regards,
> Lucas Rolff

Re: [flask] app.route - redirects

From:
Owein Reese
Date:
2012-12-18 @ 12:44
could not decode message

Re: [flask] app.route - redirects

From:
Malphas Wats
Date:
2012-12-18 @ 13:19
On Tue, Dec 18, 2012 at 12:25 PM, Lucas Rolff <lucas.rolff@spilgames.com>wrote:

> cursor.execute("select container, UNIX_TIMESTAMP(uploaded), uploading_time
> from swift_stats WHERE UNIX_TIMESTAMP(uploaded) BETWEEN %s AND %s %s;" %
> (start, end, wherestate))


This is a really bad idea - you're introducing a potential SQL injection
vector, cursor.execute takes a second argument that is a tuple (or list) of
the arguments for your query string. you should be using that. Basically,
you just need to replace the last % with a comma and your code is instantly
more secure.

Re: [flask] app.route - redirects

From:
Lucas Rolff
Date:
2012-12-18 @ 13:27
Thanks for the heads up Malphas!

I'll change that directly!

> Malphas Wats <mailto:malphas@subdimension.co.uk>
> December 18, 2012 2:19 PM
>
>
>     cursor.execute("select container, UNIX_TIMESTAMP(uploaded),
>     uploading_time from swift_stats WHERE UNIX_TIMESTAMP(uploaded)
>     BETWEEN %s AND %s %s;" % (start, end, wherestate))
>
>
> This is a really bad idea - you're introducing a potential SQL 
> injection vector, cursor.execute takes a second argument that is a 
> tuple (or list) of the arguments for your query string. you should be 
> using that. Basically, you just need to replace the last % with a 
> comma and your code is instantly more secure.
>
> Lucas Rolff <mailto:lucas.rolff@spilgames.com>
> December 18, 2012 1:25 PM
> Hello Audrius,
>
> What I find weird, is that when I comment out the last app.route the 
> middle app.route starts to work as it should.
>
> Raja from the IRC tried to help out as well yesterday :/
>
> Here is the full code of my script:
>
> import sys, json, collections, time, re, os
> sys.path.append('/bigdisk/docs/LIBS/objectstorage/LIBS')
> import MySQLdb
> from flask import Flask, request, abort, Response
>
> app = Flask(__name__)
>
>
> @app.route('/graphs', methods=['POST', 'GET'])
> def getData():
> db = MySQLdb.connect(user='storage', passwd='storage', db='storage', 
> host='localhost')
>     cursor = db.cursor()
>
>     cursor.execute("select timestamp, data from swift_stats")
>
>     rows = cursor.fetchall()
>
>     cursor.close()
>     db.close()
>
>     rowarray_list = []
>     for row in rows:
>         d = {}
>         d['timestamp'] = row[0]
>         d['data'] = row[1]
>         rowarray_list.append(d)
>
>     j = json.dumps(rowarray_list)
>     resp = Response(j, status=200, mimetype='application/json')
>     resp.cache_control.no_cache = True
>     return resp
>
> @app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
> @app.route('/graphs/<container>/<start>', defaults={'end': 
> int(time.time())}, methods=['POST', 'GET'])
> @app.route('/graphs/<start>', defaults={'container': 'all', 'end': 
> int(time.time())}, methods=['POST', 'GET'])
> def weekData(container, start, end):
>     print app.url_map
>     startNumber = int(re.findall('[0-9]+', start)[0])
>     if container == "all":
>         wherestate = ""
>     else:
>         wherestate = "AND container='%s'" % container
>
>     db = MySQLdb.connect(user='storage', passwd='storage', 
> db='storage', host='localhost')
>     cursor = db.cursor()
>
>     cursor.execute("select container, UNIX_TIMESTAMP(uploaded), 
> uploading_time from swift_stats WHERE UNIX_TIMESTAMP(uploaded) BETWEEN 
> %s AND %s %s;" % (start, end, wherestate))
>
>     rows = cursor.fetchall()
>
>     rowarray_list = []
>     for row in rows:
>         d = {}
>         d['timestamp'] = row[1]
>         d['data'] = row[2]
>         rowarray_list.append(d)
>
>     j = json.dumps(rowarray_list)
>     resp = Response(j, status=200, mimetype='application/json')
>     resp.cache_control.no_cache = True
>
>     print container, start, end
>
>     cursor.close()
>     db.close()
>     return resp
>
>
> if __name__ == "__main__":
>     app.run(host='0.0.0.0', port=9399, debug=True)
>
> Audrius Kaz(ukauskas <mailto:audrius@neutrino.lt>
> December 18, 2012 11:42 AM
>
> I replicated your routes in a test app with a single method that only
> returns its arguments, and no redirects happen, everything just works.
> So the issue is somewhere else in your code.
>
> Lucas Rolff <mailto:lucas.rolff@spilgames.com>
> December 18, 2012 10:53 AM
> Hi guys,
>
> I'm sitting with this problem, that when I use multiple app.routes, it
> redirects.
>
> My code looks like following:
>
>
> @app.route('/graphs/<container>/<start>-<end>', methods=['POST', 'GET'])
> @app.route('/graphs/<container>/<start>', defaults={'end':
> int(time.time())}, methods=['POST', 'GET'])
> @app.route('/graphs/<start>', defaults={'container': 'all', 'end':
> int(time.time())}, methods=['POST', 'GET'])
> def weekData(container, start, end):
> print app.url_map
> startNumber = int(re.findall('[0-9]+', start)[0])
> if container == "all":
> wherestate = ""
> else:
> wherestate = "AND container='%s'" % container
>
> The problem is, that when using 2nd app.route - like etc
> curl http://localhost:9399/graphs/images/123165236
>
> it does a redirect to:
> http://localhost:9399/graphs/123165236
>
> I also tried switching those 2 app.routes around, so the one with the
> most 'defaults' is before the middle one.
>
> Does anyone know how to make this work?
>
> Best regards,
> Lucas Rolff

Re: [flask] app.route - redirects

From:
Audrius Kažukauskas
Date:
2012-12-18 @ 14:34
On Tue, 2012-12-18 at 13:25:06 +0100, Lucas Rolff wrote:
> What I find weird, is that when I comment out the last app.route the
> middle app.route starts to work as it should.
> 
> Raja from the IRC tried to help out as well yesterday :/
> 
> Here is the full code of my script:
<skip>

Commented out DB parts in your code and ran it -- can't get any
redirects, all routes work as intended.  I'm baffled why it doesn't work
for you.  Which versions of Flask and Werkzeug are you using?

-- 
Audrius Kažukauskas
http://neutrino.lt/