Houdini 20.5 hwebserver

hwebserver.setSettingsForPort function

Set the settings for a specific port.

setSettingsForPort(settings, port_name="")

This function allows adjusting settings for a specific port.

PORT

The port number to listen on.

MAX_PORT

If specified the server will try from PORT up to the specified MAX_PORT. The server will stop at the first port that is usable.

ALLOW_SYSTEM_PORT

Allow the system to pick a port if the range of ports fail to find an available port.

ADDRESS

The address to bind the server on. The default is the any address (i.e. 0.0.0.0).

IPV6

Enable IPv6 support.

ALLOWED_HOSTS

The list of hosts the server is allowed to serve. This is a security measure to prevent host header attacks. The default is all hosts are allowed.

USE_X_FORWARDED_HOST

A boolean that specifies whether to use the X-Forwarded-Host instead of the Host header. The default is False.

LOG_FILE

The log file this port should log all of its information too.

MIN_LOG_SEVERITY

The minimum severity entries will be logged to the log file. The default is hwebserver.WarningSeverity.

SSL_CERTIFICATE

The SSL certificate chain the server should use.

SSL_CERTIFICATE_KEY

The private key the server should use. The key must be in PEM format.

SSL_DH_PARAMS

The Diffie-Hellman (DH) params the server should use.

SSL_VERIFY_PEER

If the server should verify the peer when using HTTPS. The default is True.

SSL_REDIRECT

If an HTTP request is received it will be redirected to HTTPS. If the request does not contain header Upgrade-Insecure-Requests: "1" then the server will reject the request with 403 (Forbidden).

SSL_REDIRECT_HOST

When redirecting an insecure request use this host instead of the host in the request. This has no affect if SSL_REDIRECT is False.

SSL_REDIRECT_EXEMPT

List of hosts that are exempt from being redirected to HTTPS. This has no affect if SSL_REDIRECT is False.

SECURE_HSTS_SECONDS

The number of seconds the client should remember the path is only to be accessed using HTTPS. The default is 0.

SECURE_HSTS_INCLUDE_SUBDOMAINS

If this is set to True then all subdomains should be treated as only accessible via HTTPS. The default is False.

SECURE_HSTS_PRELOAD

If this is set to True then the client should never attempt to use an insecure request. The default is False.

SECURE_CONTENT_TYPE_NOSNIFF

If this is set to True X-Content-Type-Options: nosniff is added to the response. This prevents against some types of drive-by-downloads. The default is True.

SECURE_REFERRER_POLICY

If this is set the Referrer Policy is added to all responses that do not already have this header set. The default is same-origin.

SECURE_CROSS_ORIGIN_OPENER_POLICY

This settings helps to prevent a set of cross-origin attacks dubbed XS-Leaks. This settings if specified will set the Cross-Origin-Opener-Policy if not already set. The default is same-origin.

hwebserver

Classes

Starting and Stopping

Handling Web Requests and Returning Responses

WebSocket

  • WebSocket

    Base class for WebSocket support with the embedded server.

  • hwebserver.webSocket

    Decorator for registering WebSocket classes with Houdini’s web server.

API Calls

  • hwebserver.apiFunction

    Decorator for functions that can be called through an API endpoint on Houdini’s web server, returning JSON or binary responses.

  • hwebserver.APIError

    Raise this exception in apiFunction handlers to indicate an error.