Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Hrobjartur Thorsteinsson
    @thorsteinssonh_gitlab
    so this is not a server side bug, just falcon being provided with bad url
    it would be convenient to be able to detect that the url is not encoded properly
    to respond with some sensible error
    I actually guess that javascript fetch... automatically url encodes... I should check
    Kurt Griffiths
    @kgriffs
    heh, I was just thinking along those lines as well
    Hrobjartur Thorsteinsson
    @thorsteinssonh_gitlab
    but I guess that
    Im maybe only running into this problem in unittests
    Kurt Griffiths
    @kgriffs
    The web server should probably be checking, but unfortunately that isn't always true
    Hrobjartur Thorsteinsson
    @thorsteinssonh_gitlab
    not in browser tests, Ill check
    Yes, OK I see that javascript fetch... automatically URL encodes this stuff
    so this is just a problem in my testing
    haha, ok thats not so bad
    so does % / url encoding handle all languages... its some kind of UTF8 protocol over ASCII I guess
    at least I can write chinese and whatever in there and get url encoding from my javascript fetch
    so I guess it is
    Kurt Griffiths
    @kgriffs
    Right, so the client is responsible for taking their string, encoding it as UTF8, and then percent-encoding the result. Then Falcon will percent-decode the incoming byte string and then decode to a unicode string. Under Python 2.7 there is an optimization that causes the framework to only decode to unicode when there are non-ASCII characters in there after percent-decoding.
    I just created this. Feel free to comment. falconry/falcon#1685
    @vytas7 ^^^
    Also note that the upcoming Falcon 3.0 release will not support Python 2, but we will continue to maintain the Falcon 2.x series for a while.
    Hrobjartur Thorsteinsson
    @thorsteinssonh_gitlab
    hah yup time to move on to 3 :)
    wont be too hard I imagine, not sure why I dont take the time yet
    ok I found now that in my testing i should be doing
    urllib.quote_plus(... my query...)
    ok thanks man!
    Kurt Griffiths
    @kgriffs
    no problem!
    I also added a note to that issue re simulating requests
    Hrobjartur Thorsteinsson
    @thorsteinssonh_gitlab
    thanks thats fantastic !
    Vytautas Liuolia
    @vytas7
    Heh, interesting discussion, I'll catch up on this later
    FWIW, I noticed that Nginx blocks such requests outright with a 400, does not propagate them further to the app server.
    Vytautas Liuolia
    @vytas7
    I cannot comment on the GH issue :)
    Thought they implemented an AI to detect and prevent scepticism :smiling_imp: , but it's a mundane 500.
    Iwan
    @iw-an
    Hey can someone help me with an issue?
    I'm moving my api from Flask to Falcon and everything has been smooth expect Stripe wont decode json payloads
    I was using payload = json.load(req.bounded_stream)
    Then with stripe using the following;
    event = stripe.Webhook.construct_event(
    payload, sig_header, os.environ["STRIPE_ENDPOINT_SECRET"]
    )
    Which is causing 'No signatures found matching the expected signature for payload' to happen
    This isn't happening with other endpoints I have parsing json data
    Federico Caselli
    @CaselIT
    if the content type header is properly set you can use req.media to obtain the parsed json. https://falcon.readthedocs.io/en/stable/api/media.html
    Iwan
    @iw-an
    I see my issue actually, stripe would like it passed as the raw string, however I just tried passing str(req.stream.read()) and have the same problem
    Am I missing something in terms of getting the raw string? I also tried bounded_stream
    Iwan
    @iw-an
    I solved via req.bounded_stream.read().decode('utf-8') Thanks for your help!
    menyiss84
    @menyiss84
    Hi there,
    I'm trying to make Falcon (2.0.0) work with Django's ORM (3.0.4), so far it's not working that well, before I dig even deeper, is that possible?
    Federico Caselli
    @CaselIT
    I've never used django orm, but since falcon does not provide any orm itself I guess it should be possible
    menyiss84
    @menyiss84
    I actually got it to work a few minutes ago when using postgresql, for some reason, it didn't work well with sqlite
    Libor Jelinek
    @liborjelinek_twitter
    Hello, has to be my code in resources thread-safe? I run Falcon with Gunicorn+nginx combo.
    Libor Jelinek
    @liborjelinek_twitter
    I also asked at https://stackoverflow.com/questions/60797980/has-to-be-my-code-in-falcon-resources-thread-safe. When (if) I get answer, I'll post it also there.
    Vytautas Liuolia
    @vytas7

    Hi @liborjelinek_twitter !
    Responder methods, such as on_get, on_post etc, may be called in parallel (as part of handling parallel requests) in different processes, threads and/or greenlets/eventlets/coroutines etc if your WSGI server of choice supports that. Gunicorn can be configured to run multi-threaded.

    So in that sense yes, if your responder methods are accessing shared resources, care needs to be taken they are thread-safe. The same applies to hooks, middleware methods, router converters, custom error handlers etc.

    See also here: Is Falcon thread-safe?
    wassaf shahzad
    @wassafshahzad
    Hello I am new user falcon.py, can anyone point me towards a good resource regarding authorization. I tried searching on google couldn't find anything thank you.
    Federico Caselli
    @CaselIT
    I use https://github.com/loanzen/falcon-auth, but sadly it's not really maintained at the moment