Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 89 lines (71 sloc) 4.286 kb
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
1 Foreword
2 ========
3
4 Read this before you get started with Flask. This hopefully answers some
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
5 questions about the purpose and goals of the project, and when you
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
6 should or should not be using it.
7
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
8 What does "micro" mean?
9 -----------------------
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
10
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
11 To me, the "micro" in microframework refers not only to the simplicity and
12 small size of the framework, but also to the typically limited complexity
56796f0 Armin Ronacher More doc changes regarding foreword
authored
13 and size of applications that are written with the framework. Also the
14 fact that you can have an entire application in a single Python file. To
15 be approachable and concise, a microframework sacrifices a few features
16 that may be necessary in larger or more complex applications.
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
17
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
18 For example, Flask uses thread-local objects internally so that you don't
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
19 have to pass objects around from function to function within a request in
20 order to stay threadsafe. While this is a really easy approach and saves
bca1acf Armin Ronacher Rewrote becoming big and foreword
authored
21 you a lot of time, it might also cause some troubles for very large
22 applications because changes on these thread-local objects can happen
23 anywhere in the same thread.
24
25 Flask provides some tools to deal with the downsides of this approach but
26 it might be an issue for larger applications. Flask is also based on
27 convention over configuration, which means that many things are
28 preconfigured and will work well for smaller applications but not so well
29 for larger ones. For example, by convention, templates and static files
30 are in subdirectories within the Python source tree of the application.
31
32 However Flask is not much code and built in a very solid foundation and
33 with that very easy to adapt for large applications. If you are
34 interested in that, check out the :ref:`becomingbig` chapter.
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
35
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
36 A Framework and an Example
05f36c7 Armin Ronacher Heavily improved documentation
authored
37 --------------------------
38
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
39 Flask is not only a microframework; it is also an example. Based on
05f36c7 Armin Ronacher Heavily improved documentation
authored
40 Flask, there will be a series of blog posts that explain how to create a
41 framework. Flask itself is just one way to implement a framework on top
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
42 of existing libraries. Unlike many other microframeworks, Flask does not
43 try to implement everything on its own; it reuses existing code.
05f36c7 Armin Ronacher Heavily improved documentation
authored
44
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
45 Web Development is Dangerous
46 ----------------------------
47
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
48 I'm not joking. Well, maybe a little. If you write a web
49 application, you are probably allowing users to register and leave their
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
50 data on your server. The users are entrusting you with data. And even if
51 you are the only user that might leave data in your application, you still
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
52 want that data to be stored securely.
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
53
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
54 Unfortunately, there are many ways the security of a web application can be
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
55 compromised. Flask protects you against one of the most common security
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
56 problems of modern web applications: cross-site scripting (XSS). Unless
57 you deliberately mark insecure HTML as secure, Flask and the underlying
58 Jinja2 template engine have you covered. But there are many more ways to
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
59 cause security problems.
60
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
61 The documentation will warn you about aspects of web development that
62 require attention to security. Some of these security concerns
63 are far more complex than one might think, and we all sometimes underestimate
64 the likelihood that a vulnerability will be exploited, until a clever
65 attacker figures out a way to exploit our applications. And don't think
66 that your application is not important enough to attract an attacker.
67 Depending on the kind of attack, chances are that automated bots are
68 probing for ways to fill your database with spam, links to malicious
69 software, and the like.
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
70
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
71 So always keep security in mind when doing web development.
4671429 Armin Ronacher Added a security section to the foreword and a footnote to the g
authored
72
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
73 Target Audience
74 ---------------
75
56796f0 Armin Ronacher More doc changes regarding foreword
authored
76 Is Flask for you? If your application is small or medium sized and does
77 not depend on very complex database structures, Flask is the Framework for
78 you. It was designed from the ground up to be easy to use, and built on
79 the firm foundation of established principles, good intentions, and
80 mature, widely used libraries. Recent versions of Flask scale nicely
81 within reasonable bounds, and if you grow larger, you won't have any
82 trouble adjusting Flask for your new application size.
3d719f3 Armin Ronacher Added docs, fixed some bugs I introduced last commit
authored
83
84 If you suddenly discover that your application grows larger than
85 originally intended, head over to the :ref:`becomingbig` section to see
86 some possible solutions for larger applications.
87
f3dd3da Copy edited and partially rewrote the foreword.
Matt Campbell authored
88 Satisfied? Then let's proceed with :ref:`installation`.
Something went wrong with that request. Please try again.