&| What | '''Wapp''' |&
&| Where | https://wapp.tcl.tk/ |&
&| Description | A lightweight, secure [web framework%|%web microframework] in a single source file. Serves HTTP/1.1 directly, but supports [CGI] and [SCGI] as well. Aims for a small, easy-to-learn user API. |&
&| Prerequisites | Tcl 8.6 |&
&| Updated | 2019-10-15 |&
&| Author | [drh] |&
&| License | 2-clause BSD |&
** Download **
======nonefossil clone https://wapp.tcl.tk/index.html wapp.fossil
mkdir wapp
cd wapp
fossil open ../wapp.fossil
tclsh tests/test01.tcl
======
or see other alternatives at https://wapp.tcl.tk/index.html/doc/trunk/docs/download.md
** See also **
* [My first wapp-lication]
* [STLViewer - a first approach for a wapp-lication]
* [tinyfts]
* Serve static content, threads, routes - https://github.com/jbroll/wapp%|%github.com/jbroll/wapp%|%
** Discussion **
[DEC] And you get hold of it by......?
[AM] See the link above
[DEC] Which one?, No simple zip file then..
[EMJ] Again, see above, particularly the "other alternatives" link.
The following code excerpt results in no image being shown in browser.
However, when I bring up the text view of the HTML (via ctrl-U on Chrome browser) and click the link from there, the image shows up.
Why does the image not show up through wapp-default? 'Hello' prints as expected. Thanks in advance, Doug.
(I replaced the real domain with example.com)
======
#!/usr/bin/tclsh
source <full_path>/lib/wapp/wapp.tcl
proc wapp-default {
wapp-subst {
<img src="http://www.example.com/IMG_1870.JPG" style="width:75%">
<br><b>Hello</b> World!
}
}
wapp-start
======
[dbohdan] 2018-03-27: That's a consequence of Wapp's default [https://en.wikipedia.org/wiki/Content_Security_Policy%|%Content Security Policy]. (One of Wapp's design goals is to be [https://wapp.tcl.tk/index.html/doc/trunk/docs/security.md%|%secure by default], so the default policy is as strict as possible.) You can use `curl -v` and your Web browser's Console [https://developer.mozilla.org/en-US/docs/Tools/Web_Console] [https://developers.google.com/web/tools/chrome-devtools/console/] to debug the Content Security Policy.
Here is an example of how you can configure the Content Security Policy to allow images from a certain host:
======
#! /usr/bin/env tclsh
source wapp.tcl
proc wapp-default {} {
wapp-content-security-policy \
{default-src 'self'; img-src 'self' https://picsum.photos}
wapp-subst {
<!doctype html>
<img src="https://picsum.photos/450/300" style="width:75%">
<br><b>Hello</b> World!
}
}
wapp-start $::argv
======
<<categories>>Internet | Web | Dev. Tools