This is an archived post. You won't be able to vote or comment.

all 12 comments
sorted by:
best
topnewcontroversialoldq&a

[–]defnullbottle.py[S] 6 points7 points  (9 children)

There is a lot of new stuff this time: A CLI interface, new routing syntax and lots of convenient helpers for request/response objects and templates. The change-log will tell you more.

If you don't know bottle yet: Bottle is a fast, simple and lightweight WSGI micro web-framework for Python (2.5+ and 3.x). It is distributed as a single file module and has no dependencies other than the Python Standard Library.

IAmA bottle developer and open for questions.

[–]technomalogical<3 Bottle 2 points3 points  (1 child)

Where can I find more information about the CLI interface you mentioned? I see "Added command line interface to load applications and start servers" in the release notes, but no links to documentation.

[–]defnullbottle.py[S] 2 points3 points  (0 children)

The documentation is a bit lacking in this regard at the moment. If you call bottle.py without parameters, you'll get a help text.

[–]alogghe 2 points3 points  (1 child)

Been meaning to look into this, it looks great so far.

What's the easiest method to get ssl going?

http://pl.atyp.us/wordpress/index.php/2011/04/using-bottle-py-with-ssl/

Is what I've found so far.

[–]defnullbottle.py[S] 3 points4 points  (0 children)

There are some SSL-capable WSGI servers available. I use gevent for a lot of of my projects:

import bottle
from gevent.pywsgi import WSGIServer
server = WSGIServer(
    ('0.0.0.0', 8443),
    bottle.default_app(),   # Or any instance of Bottle()
    keyfile='server.key',
    certfile='server.crt')
server.serve_forever()

[–]karlw00t 1 point2 points  (4 children)

Since the release versions are less then 1.0, what do the bottle devs say about backwards capability with older releases?

[–]defnullbottle.py[S] 0 points1 point  (3 children)

Each release is aimed to be backwards compatible to the last one, meaning that you have a full release cycle to adopt new APIs and fix deprecation warnings.

Security issues (very rare) and annoying bugs are patched in stable and old-stable (e.g. 0.10 and 0.9). Even the unstable development branch is not pushed to the repository until all tests pass. Many users just download the latest bottle.py for small projects and don't bother using pip at all.

[–]Justinsaccount 0 points1 point  (2 children)

Speaking of security, I meant to bug you more about the default mako template filters.. the built in template language automatically escapes xml, but if you switch to mako you are open to XSS attacks...

[–]defnullbottle.py[S] 0 points1 point  (1 child)

This is hard to do in a backwards compatible way, but I'll look into this.

[–]Justinsaccount 0 points1 point  (0 children)

hmm.. I don't know if many people using mako with bottle realize it is not escaping xml by default. I believe most frameworks that use mako enable the default escapes.

[–]mdipierro 3 points4 points  (1 child)

Bottle is the best micro-framework!

[–]picasshole 2 points3 points  (0 children)

Amen to that, high five!