I would like to create a specialized browser that can enter certain information semi-automatically into pages that are browsed. I am using for this Qt Webkit (in particular the python bindings). How can I do this?
it's doable, using javascript code-snippets. take a look at the pyjamas-desktop "failed experiment" pyjd/pyqt4.py runtime, noting the rather important addition of the words "failed".
you would be strongly advised to avoid pywebkitqt4 for this particular purpose, instead looking at either python-hulahop (originally part of the OLPC project) or perhaps python-webkit - http://www.gnu.org/software/pythonwebkit
l.
Related
I'm working on a school project which I would like to showcase in a web browser or application.
I would like the user to control the work with a mouse or keyboard. I want to show a unique image based on where the curser is over a visible grid. An additional feature is the ability to switch to a different "stack" of images upon user input from the scroll wheel or in a dialog.
I have a beginner-intermediate understanding of Python.
Theoretically, I could write this using Sage, but I would like the feedback to be instant - a change shouldn't require a new calculation, just show a new image.
Additionally, I would like to create a feature which takes the user on a "tour" based on information attached to an image.
My first thought was to use an online website builder (Webflow), though an opportunity to learn a new language or expand upon my knowledge of Python is my first choice.
What language is best suited for this?
This is possible in Python, as nearly everything is (Python is a Genral Purpose Language), so you could certainly implement this in Python.
The best language for this, however,IMO, would be JavaScript.
Python will almost certainly get in your way or at least hinder you slightly in comparison.
An 'online website builder' is not likely to provide you with the required amount to control needed to implement you project - most of these are painfully simplistic drag-and-drog tools where any real control only comes from adding your own CSS/HTML/JS anyways.
JS is an incredibly useful language and also very well suited for nearly all web/browser projects, so use this opportunity to learn it !
Further, React Native can let you use JS for mobile apps too, if that's what you meant by 'applications' or you could simply keep it a web app.
PS. This may also be possible with HTML5, which is perhaps simpler and easier to learn, but I'm no a web dev so that will have to be confirmed by someone else.
I am sure, though, that this is very efficiently doable in JS.
At the moment I have to develop some python tools, because nearly every software I use (QGIS, FreeCAD, Gimp, probably my toothbrush ...) has a python interface.
I would like to write lazarus applications (with button, edits and all the nice components), that uses my python routines in the background and show the results in lazarus.
Is there a way?
Here's an example at the Lazarus forum how to use the Python for Lazarus package. From Lazarus Online Package Manager it installs automatically.
https://forum.lazarus.freepascal.org/index.php/topic,43557.msg305118.html#msg305118
Set PythonEngine.IO to PythonGUIInputOutput, then choose a control for PythonGUIInputOutput.Output to show data and your good to go.
You could try to use
https://github.com/pyscripter/python4delphi
that is a binding between the two.
There is also always available the possibility of implementing a web server with python and publish its services on http for use from lazarus.
Note however that if what you want is a GUI then Qt (using PyQt or PySide) is a very complete GUI library with a very good binding for Python... it has all the widgets you can imagine, and then some more.
In that case all the code you write is in Python.
I'm looking for suggestions on how to go about building an application that uses R for analytics, table generation, and plotting. What I have in mind is an application that:
displays various data tables in different tabs, somewhat like in Excel, and the columns should be sortable by clicking.
takes user input parameters in some dialog windows.
displays plots dynamically (i.e. user-input-dependent) either in a tab or in a new pop-up window/frame
Note that I am not talking about a general-purpose fron-end/GUI for exploring data with R (like say Rattle), but a specific application.
Some questions I'd like to see addressed are:
Is an entirely R-based approach even possible ( on Windows ) ? The following passage from the Rattle article in R-Journal intrigues me:
It is interesting to note that the
first implementation of Rattle
actually used Python for implementing
the callbacks and R for the
statistics, using rpy. The release
of RGtk2 allowed the interface el-
ements of Rattle to be written
directly in R so that Rattle is a
fully R-based application
If it's better to use another language for the GUI part, which language is best suited for this? I'm looking for a language where it's relatively "painless" to build the GUI, and that also integrates very well with R. From this StackOverflow question How should I do rapid GUI development for R and Octave methods (possibly with Python)? I see that Python + PyQt4 + QtDesigner + RPy2 seems to be the best combo. Is that the consensus ?
Anyone have pointers to specific (open source) applications of the type I describe, as examples that I can learn from?
There are lots of ways to do this, including the python approach you mention. If you want to do it solely within R and if your aims are modest enough, the gWidgets package can be used. This exposes some of the features of either RGtk2, tcltk or qtbase (see the qtinterfaces project on r-forge) in a manner that is about as painless as can be. If you want more, look at using those packages directly. I'd recommend RGtk2 if you are going to share with others and if not, qtbase or tcltk.
Python + Qt4 + RPy = Much Win.
For example, see what Carson Farmer has done with Qgis and the ManageR plugin - its a full R interface to geographic data in the Qgis mapping package.
Depending on how much statistical functionality you need you might even get away without needing it at all, doing all the stats in Python, leveraging such goodies as the Numpy numeric package and the Qwt plotting canvas.
How about traditional LAMP + a R backend? Optionally s/MySQL/Postgres and optionally s/PHP/Perl Rapache looks pretty cool too: rapache.net
If you go for C++, take a look at rcpp and Rinside
Java can be combined with R using JRI
RServe gives you a TCP/IP protocol to interact with R. There's a Java client and a C++ client, so either of them can be used.
On a sidenote: Another thing you should be aware of, is that R contains quite some libraries written in Fortran and C, that can be called directly. Same goes for more advanced packages like VGAM, they also contain quite some C routines. Depending on what exactly you want to do, you might try to work with those ones, just to avoid the overhead of the R functions itself.
I've been looking for an overview of those myself, but AFAIK you'll have to do some effort to get everything. Some things you certainly should look at is The R language definition and R Internals.
I'm creating a corewars type application that runs on django and allows a user to upload some python code that will control their character. Now, I know the real answer to this is that as long as I'm taking code input from untrusted users I'll have security vulnerabilities. I'm just trying to minimize the risk as much as possible. Here are some that spring to mind:
__import__ (I'll probably also do some ast scanning to make sure there aren't any import statements)
open
file
input
raw_input
Are there any others I'm missing?
There are lots of answers on what to do in general about restricting Python at http://wiki.python.org/moin/SandboxedPython. When I looked at it some time ago, the Zope RestrictedPython looked the best solution, working with a whitelist system. You'll still need to take care in your own code so that you don't expose any security vulnerabilities, but that seems to be the best system out there.
Since you sound determined to do this, I'll link you to the standard rexec module, not because I think you should use it (don't - it has known vulnerabilities), but because it might be a good starting point for getting your webserver compromised your own restricted-execution framework.
In particular, under the heading "Defining restricted environments" several modules and functions are listed that were considered reasonably safe by the rexec designer; these might be usable as an initial whitelist of sorts. I'd also suggest examining its code for other gotchas you might not have thought of.
You will really need to avoid eval.
Imagine code such as:
eval("__impor" + "t__('whatever').destroy_your_server")
This is probably the most important one.
Yeah, you have to whitelist. There are so many ways to hide the bad commands.
This is NOT the worst case scenario:
the worst case scenario is that someone gets into the database
The worst case scenario is getting the entire machine rooted and you not noticing as it probes your other machines and keylogs your passwords. Isolate this machine and consider it hostile (DMZ, block it from being able to launch attacks internally and externally, etc). Run tripwire or AIDE on non-writeable media and log everything to a second host.
Finally, as plash shows, there are a lot of dangerous system calls that need to be protected against.
If you're not committed to using Python as the language inside the game, one possibility would be to embed Lua using LunaticPython (I suggest the bugfixes branch at https://code.launchpad.net/~dne/lunatic-python/bugfixes).
It's much easier to sandbox Lua than Python, and it's much easier to embed Lua than to create your own programming language.
You should use a whitelist, rather than a blacklist. If you use a blacklist, you will always miss something. Even if you don't, Python will add a function to the standard library, and you won't update your blacklist in time.
Things you're currently allowing but probably should not include:
compile
eval
reload (if they do access the filesystem somehow, this is basically import)
I agree that this would be very tricky to do correctly. One complication (among many) could be a user accessing one of these functions through a field in another class.
I would consider using another isolation mechanism, such as a virtual machine, instead or in addition to this. You might look at how codepad does it.
I'm looking for a python browser widget (along the lines of pyQT4's QTextBrowser class or wxpython's HTML module) that has events for interaction with the DOM. For example, if I highlight an h1 node, the widget class should have a method that notifies me something was highlighted and what dom properties that node had (<h1>, contents of the tag, sibling and parent tags, etc). Ideally the widget module/class would give access to the DOM tree object itself so I can traverse it, modify it, and re-render the new tree.
Does something like this exist? I've tried looking but I'm unfortunately not able to find it. Thanks in advance!
It may not be ideal for your purposes, but you might want to take a look at the Python bindings to KHTML that are part of PyKDE. One place to start looking is the KHTMLPart class:
http://api.kde.org/pykde-4.2-api/khtml/KHTMLPart.html
Since the API for this class is based on the signals and slots paradigm used in Qt, you will need to connect various signals to slots in your own code to find out when parts of a document have been changed. There's also a DOM API, so it should also be possible to access DOM nodes for selected parts of the document.
More information can be found here:
http://api.kde.org/pykde-4.2-api/khtml/index.html
I would also love such a thing. I suspect one with Python bindings does not exist, but would be really happy to be wrong about this.
One option I recently looked at (but never tried) is the Webkit browser. Now this has some bindings for Python, and built against different toolkits (I use GTK). However there are available API for the entire Javascript machine for C++, but no Python bindings and I don't see any reason why these can't be bound for Python. It's a fairly huge task, I know, but it would be a universally useful project, so maybe worth the investment.
If you don't mind being limited to Windows, you can use the IE browser control. From wxPython, it's in wx.lib.iewin.IEHtmlWindow (there's a demo in the wxPython demo). This gives you full access to the DOM and ability to sink events, e.g.
ie.document.body.innerHTML = u"<p>Hello, world</p>"