## Flask-XXL
#### - A best practices approach to creating larger web apps with Flask, in an attempt to make Flask feel like it is as capable, if not more, than Django.
To see this in a real-world example, take a look at my other project, Flask-Cms.
## What this provides:
- basemodels.py
- baseviews.py

`BaseView.render()` calls `render_template(BaseView._template, **BaseView._context)`. Define either or both in the class-variable section of the class, then add to or change them based on logic that happens during request processing. Example:

```python
# BaseView comes from flask-xxl's baseviews.py
class ExampleView(BaseView):
    # default template context, declared as a class variable
    _context = {
        'some_flag': True,
    }

    def get(self, new_flag=False):
        if new_flag:
            # adjust the context during request processing
            self._context['new_flag'] = new_flag
            self._context['some_flag'] = False
        return self.render()
```
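
The example above writes to `self._context`, which resolves to the class-level dict. As an added illustration (not code from flask-xxl), the following uses a hypothetical stand-in `MiniBaseView` and assumes the base class does not copy `_context` per request. It shows a value set while serving one request appearing in the next, and a per-instance copy that prevents it.

```python
# Added illustration. MiniBaseView, LeakyView, IsolatedView and simulate are
# hypothetical names; this is not flask-xxl's BaseView.
import copy


class MiniBaseView:
    """Stand-in for a class-based view: one new instance per request."""
    _context = {}

    def render(self):
        # Stand-in for render_template(self._template, **self._context):
        # return the variables the template would receive.
        return dict(self._context)


class LeakyView(MiniBaseView):
    _context = {'some_flag': True}

    def get(self, new_flag=False):
        if new_flag:
            # self._context is the class attribute, so this mutates the
            # dict shared by every instance, i.e. by every later request.
            self._context['new_flag'] = new_flag
            self._context['some_flag'] = False
        return self.render()


class IsolatedView(MiniBaseView):
    _context = {'some_flag': True}

    def __init__(self):
        # Each request gets its own copy; the class-level defaults stay intact.
        self._context = copy.deepcopy(type(self)._context)

    def get(self, new_flag=False):
        if new_flag:
            self._context['new_flag'] = new_flag
            self._context['some_flag'] = False
        return self.render()


def simulate(view_cls):
    """Serve two requests with fresh instances, as Flask's as_view() does by default."""
    first = view_cls().get(new_flag='value-from-request-1')  # constructed input
    second = view_cls().get()  # unrelated request that supplies no flag
    return first, second
```
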

- `BaseView.redirect(endpoint)` is a reimplementation of `flask.helpers.redirect` which allows you to enter the endpoint directly, so you don't have to run it through `url_for()` first.
- `BaseView.get_env()` returns the current jinja2_env
- `BaseView.form_validated()` returns true if all forms validate
- namespaces imported into BaseView: `BaseView.flash == flask.flash`

Many built-in template globals (context_processors) to use, e.g.:
- get_block(block_id) <-- requires use of flask.ext.xxl.apps.blog
  * add blocks of html/jinja2/template helpers into the db and access them from within templates
    (great for things like header navs or sidebar widgets)
- get_icon(icon_name,icon_lib) <-- requires use of flask.ext.xxl.apps.blog
  * flask.ext.xxl.apps.blog comes with 8 icon libraries!!!
    - Glyphicon
    - Font Awesome
    - Mfg_Labs
    - Elusive icons
    - Genericons
    - and more ...
  * access any icon anywhere in your templates! even from cms blocks!!!
- get_model(model_name,blueprint_name)
  * access any model class from any template (currently only supports sqlalchemy models)
- get_button(name)
  * create buttons in the cms and access them from within templates

AppFactory class with many hooks into the settings file (makes use of a settings file similar to Django's).

New, revamped URL routing scheme: use a urls.py file in each blueprint to define the URL routes for the blueprint. Reference the blueprint and the URL route module in the settings file to register them onto the app upon instantiation.

Define routes like this:

file: urls.py

```python
from blueprint import blueprint
from .views import ViewName, SecondView

# first element identifies the blueprint, the rest are (url, view) pairs
routes = [
    ((blueprint_name,),
        ('/url', ViewName.as_view('view_name')),
        ('/another', SecondView.as_view('second_view')),
    )
]
```

It is basically like using the `app.add_url_rule()` method; you just don't have to add `view_func=ViewName.as_view(endpoint)`, or at least the `view_func=` part.

Easily start a new project or extend an old one with the flaskxxl-manage.py command line helper tool:
- to start a project from scratch: `$ flaskxxl-manage.py start-project`
- to add to an existing project: `$ flaskxxl-manage.py start-blueprint`

FAQs
quick way to design large flask projects
We found that flask-xxl demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.