tgext.routes changes
Thomas De Schampheleire
patrickdepinguin at gmail.com
Wed Jun 29 19:35:25 UTC 2016
Hi Søren,
On Tue, May 3, 2016 at 8:25 PM, Mads Kiilerich <mads at kiilerich.com> wrote:
> On 05/03/2016 03:13 PM, Søren Løvborg wrote:
>>
>> Considering that method overrides are designed specifically to
>> accommodate HTML forms, we could pull the CSRF token out of the POST
>> request body and stuff it into a header as part of the override
>> process. But at that point, it just feels like we're digging ourselves
>> in even deeper. A saner approach would be to phase out method
>> overrides altogether, and just let POST requests be POST requests.
>> (Add an "action" argument or similar as needed, but leave that to the
>> controller, and keep it out of routing and security checks.)
>
>
> It seems like that would be a general refactoring and code improvement that
> could be done on the default branch and pave the way for the TG migration?
I was wondering whether you would be up to tackling this in the near
future? (or perhaps you already started with this?)
Of the current tests that are failing, the majority is failing due to
the DELETE method not being accepted. I am meanwhile fixing the other
failures, but it would be great if in a parallel path someone could
look at the DELETE thing.
You can see the current state of the Turbogears2 migration code to
https://bitbucket.org/_amol_/kallithea-tg/
See also: https://bitbucket.org/conservancy/kallithea/wiki/Turbogears2Migration
Do let me know your thoughts...
Best regards,
Thomas
More information about the kallithea-general
mailing list