Django is getting me down. I want to love it. You see, I love python but its so hard to do some seemingly trivial stuff:

  • Getting my AJAX POSTS past Django’s inbuilt CSRF filtering still isn’t working (see my previous post). My suspicion is some interaction between Django, Passenger, Dreamhost but I don’t know for sure. PHP just works. Does this mean PHP is inherently less secure? Answers on a postcard please.
  • After far too long faffing, my pal Jeff gave me the sage (and retrospectively obvious) advice to try it all on a local dev server, to bypass all the weird hosting interactions. This should be easy right? Heh. After even more time faffing, it turns out that static file serving for CSS, JS etc. doesn’t work out of the box with Django’s  built-in dev “runserver”. It turns out you need to jump through a bunch of hoops to get it working! WTF?

I’m starting to get a bad feeling about Django … I’m going to take a peek at web2py and also considering a shift to Rails.