Cross-site request forgery is a technique where a malicious website can gain access to another web site by hijaacking a currently open session that the user has open to the site. This technique can also affect identification via SSL Certificates or anything else that the browser sends to the server automatically when a request is made.
See also
Dojo is a JavaScript toolkit that aims to be a standard library for JavaScript. It provides a small core library with useful functions and an expanded set of scripts that can be added that provide widgets and other features.
See also
A simple Python web framework that we’re using in parts of Fedora Infrastructure. It provides good documentation and simplicity in its design.
See also
JavaScript Object Notation is a format for marshalling data. It is based on a subset of JavaScript that is used to declare objects. Compared to xml, JSON is a lightweight, easily parsed format.
See also
A specification for single sign on to web services where the authentication server and the application seeking to have the user authenticated do not need to have complete trust in each other.
A web browser security policy that prevents one website from reading: 1) the cookies from another website 2) the response body from another website
A Python web framework that most of Fedora Infrastructure’s apps are built on.
See also
The successor to TurboGears, TurboGears2 provides a very similar framework to coders but has some notable differences. It is based on pylons and paste so it is much more tightly integrated with WSGI. The differences with :ref`TurboGears`1 are largely with the organization of code and how to configure the application.
See also
WSGI is an interface between web servers and web frameworks that originated in the Python community. WSGI lets different components embed each other even if they were originally written for different python web frameworks.