I've been using Flask for a little while and find I prefer it to Rails in some ways, particularly for being lightweight. However, one area in which Rails is far superior in my opinion is error reporting. There are many times in Flask where I get an error in my browser, but my console shows no error at all (for example, trying to pull non-existant querystring parameters out of request.form produces a 400 Bad Request, but all you see on the console is the incoming request).
Is there any kind of a verbose mode on Flask which will give me detailed information on all of its behavior?
The debug mode can be enabled via env variable (export FLASK_DEBUG=1) or within the code to allow printing traceback in case of errors as noted below:
app = Flask(__name__)
app.debug = True
You probably want to enable debug mode.
Error handling is off by default in production mode at the moment and can be set up here: http://flask.pocoo.org/docs/errorhandling/
Related
from flask import Flask
app = Flask(__name__)
#app.route('/')
def index():
return 'FRIENDS'
#app.route('/home')
def home():
return 'BARBAD, PARTI'
if __name__ == '__main__':
app.run(debug=True)
After google search I came to Know that if debug option is enabled then there is no need to restart the interpreter manually after each change to my code..
But I have also read in flask documentation:
Even though the interactive debugger does not work in forking
environments (which makes it nearly impossible to use on production
servers), it still allows the execution of arbitrary code. This makes
it a major SECURITY risk and therefore it must never be used on
production machines.
I am not getting how they have related it to SECURITY and other stuff.
Can anyone help me in understanding what they are talking about?
Thanks in advance....
Why is debug mode required?
The debug option is given to you so that you are able to get the full traceback of your errors, ability to execute code from the browser to be able to debug in place. This is to make debugging for you as the developer.
Why should you not use it in production?
You don't want any one to see your traceback, should there be an error. We only show the used that it's 500 or a 404 and something was wrong with their request or the server wasn't able to process their request. You don't want to show this because it's not secure to give anyone any idea of security holes in your application, because they can exploit it.
You never want any one to execute code on your machine other than yourself or someone you trust. If a malicious user is able to execute arbitrary code on your server, they would be able to do bad stuff!
A good practice for setting the debug mode is to decide if you are in production or development environment from an environment variable. Something like this:
from flask import Flask
app = Flask(__name__)
#app.route('/')
def index():
return 'FRIENDS'
#app.route('/home')
def home():
return 'BARBAD, PARTI'
if __name__ == '__main__':
app.run(debug=os.environ.get('APP_ENV', 'development') == 'development')
and remember to set 'APP_ENV' to production in your production environment.
If there is someone out there who has already worked with SOLR and a python library to index/query solr, would you be able to try and answer the following question.
I am using the mySolr python library but there are others out (like pysolr) there and I don't think the problem is related to the library itself.
I have a default multicore SOLR setup, so no authentication required normally. Don't need it to access the admin page at http://localhost:8080/solr/testcore/admin/ either
from mysolr import Solr
solr = Solr('http://localhost:8080/solr/testcore/')
response = solr.search(q='*:*')
print("response")
print(response)
This code used to work but now I get a 401 reply from SOLR ... just like that, no changes have been made to the python virtual env containing mysolr or the SOLR setup. Still...something must have changed somewhere but I'm out of clues.
What could be the causes of a SOLR 401 reponse?
Additional info: This script and mor advanced script do work on another PC, just not on the one I am working on. Also, adding "/select?q=:" behind the url in the browser does return the correct results. So the SOLR is setup correctly, it has probably something to do with my computer itself. Could windows settings (of any kind) have an impact on how SOLR responds to requests from python? The python env itself has been reinstalled several times to no avail.
Thanks in advance!
The problem was: proxy.
If this exact situation was ever to occur to someone and you are behind a proxy, check if your HTTP and HTTPS environmental variables are not set. If they are... this might cause the python session to try using the proxy while it shouldn't (connecting to localhost via proxy).
It didn't cause any trouble for months but out of the blue it did so whether you encounter this or not might be dependent on how your IT setup your proxy or made some other changes...somewhere.
thank you everyone!
When using the flask request object, attempting access a form arg that doesn't exists - i.e.
request.args['keyThatDoesntExist']
will result in a
"Bad Request, 400" error coming back to the client browser.
This design bothers me because it results in a very opaque error that doesn't give a line number where the issue happened or anything else to debug. I don't want to use request.args.get('keyThatDoesntExist') because I like to get an error rather than a default value when the key doesn't exist. That is, I like to know when something is wrong rather than chugging along with mysterious behavior.
Is there any way to change the behavior so a KeyError is raised at that line rather than a Bad Request coming back?
You can set app.config['TRAP_BAD_REQUEST_ERRORS'] = True - in that case those errors will be handled like a real error.
However, you should consider why Flask handles those KeyErrors specially: If a user sends you crap, it's not an error in your application. So why should it fail with an internal server error and possibly an error reporting email (remember, in production you won't have the flask debugger running, and in debug mode you get a proper error anyway).
I have an issue with debugging and Cloud Endpoints. I'm using tons of endpoints in my application, and one endpoint consistently returns with error code 500, message "Internal Error".
This endpoint does not appear in my app's logs, and when I run its code directly in the interactive console (in production), everything works fine.
There might be a bug in my code that I am failing to see, however, the real problem here is that the failing endpoints request is NOT showing up in my app's logs – which leaves me with no great way to debug the problem.
Any tips? Is it possible to force some kind of "debug" mode where more information (such as a stack trace) is conveyed back to me in the 500 response from endpoints? Why isn't the failing request showing up in my app's logs?
Just in case you aren't aware - by default the Logs webpage does not show you the lowest level log statements. That missing level ('D', I think) adds lots of Endpoints log statements that occur prior to the invocation of your code, so they could be useful in the situation you describe.
I also find it useful to retrieve my log statements with 'appcfg' (in the GAE SDK), e.g.
appcfg --num_days=1 --severity=0 request_logs myfile.log
Check if you are running out of resources.
I'm new to GAE, and have not been able to figure out how to configure 'print' statements to the logging console rather than the browser. For example:
class Feed(webapp.RequestHandler):
def post(self):
feeditem = Feeditem()
feeditem.author = self.request.get('from')
feeditem.content = self.request.get('content')
feeditem.put()
notify_friends(feeditem)
self.redirect('/')
def notify_friends(feeditem):
"""Alerts friends of a new feeditem"""
print 'Feeditem = ', feeditem
When I do something like the above, the print in notify_friends outputs to the browser and somehow prevents the self.redirect('/') in the post method that called it. Commenting it out corrects the issue.
Is there a way to change this behavior?
EDIT: Google App Engine tag removed as this is general.
You should instead use the logging module, like so:
import logging
def notify_friends(feeditem):
"""Alerts friends of a new feeditem"""
logging.info('Feeditem = %s', feeditem)
There are a variety of logging levels you can use, from debug to critical. By default, though, the App Engine SDK only shows you log messages at level info and above, so that's what I've suggested here. You can ask it to show you debug messages if you want, but you'll probably be overwhelmed with useless (to you) logging information, at least when running in the SDK.
See the logging module docs for more info.
Oh, and the nice thing about using the logging module is that you'll have access to your log messages in production, under the "Logs" section of your app's the App Engine dashboard.
This is not just a problem with GAE. It is a general issue. You can't print out HTML and then try to have a redirect header. The answer to your question is no, you can't change the behavior. What exactly are you trying to achieve? You might be able to get what you want a different way.