Wapp

Difference between version 23 and 24 - Previous - Next
&| What | '''Wapp''' |&
&| Where | https://wapp.tcl.tk/ |&
&| Description | A lightweight, secure [web framework%|%web microframework] in a single source file. Serves HTTP/1.1 directly, but supports [CGI] and [SCGI] as well. Aims for a small, easy-to-learn user API. |&&| Prerequisites | Tcl 8.6.  |&
&| Updated | 2019-10-15 |&
&| Author  | [drh] |&
&| License | 2-clause BSD |&

** Download **

======none
fossil clone https://wapp.tcl.tk/index.html wapp.fossil
mkdir wapp
cd wapp
fossil open ../wapp.fossil
tclsh tests/test01.tcl
======

or see other alternatives at https://wapp.tcl.tk/index.html/doc/trunk/docs/download.md

** See also **

   * [My first wapp-lication]
   * [STLViewer - a first approach for a wapp-lication]

** Discussion **

[DEC]: And you get hold of it by......?

[AM] See the link above

[Dec] :Which one?, No simple zip file then..


The following code excerpt results in no image being shown in browser.
However, when I bring up the text view of the HTML (via ctrl-U on Chrome browser) and click the link from there, the image shows up.
Why does the image not show up through wapp-default?   'Hello' prints as expected. Thanks in advance, Doug.
(I replaced the real domain with example.com)

======
#!/usr/bin/tclsh
source <full_path>/lib/wapp/wapp.tcl

proc wapp-default {
   wapp-subst {
       <img src="http://www.example.com/IMG_1870.JPG" style="width:75%">
       <br><b>Hello</b> World!
   }
}
wapp-start
======

[dbohdan] 2018-03-27: That's a consequence of Wapp's default [https://en.wikipedia.org/wiki/Content_Security_Policy%|%Content Security Policy]. (One of Wapp's design goals is to be [https://wapp.tcl.tk/index.html/doc/trunk/docs/security.md%|%secure by default], so the default policy is as strict as possible.) You can use `curl -v` and your Web browser's Console [https://developer.mozilla.org/en-US/docs/Tools/Web_Console] [https://developers.google.com/web/tools/chrome-devtools/console/] to debug the Content Security Policy.

Here is an example of how you can configure the Content Security Policy to allow images from a certain host:

======
#! /usr/bin/env tclsh
source wapp.tcl

proc wapp-default {} {
    wapp-content-security-policy \
        {default-src 'self'; img-src 'self' https://picsum.photos}
    wapp-subst {
        <!doctype html>
        <img src="https://picsum.photos/450/300" style="width:75%">
        <br><b>Hello</b> World!
    }
}
wapp-start $::argv
======

<<categories>>Internet | Web | Dev. Tools