Today, the web programming landscape is littered with frameworks. I remember a time when you simply selected your programming language and used it to create a web application. Now in addition to the language (some would say platform), you must choose a web framework. Now, don’t get me wrong, you can proceed without a framework, but you are generally much better off with than without one.
So, what exactly is a web framework? Well, at the very least, a web framework will handle the low level HTTP plumbing necessary for writing a web application. Things like decoding input, handling HTTP status codes and headers etc. At it’s most feature rich, it provides data access abstraction, form handling/validation, and more.
One important feature of a web framework is security mechanisms. Most modern frameworks have in-built SQL injection protection, anti-XSS features even CSRF prevention. Some of the more well thought out web frameworks render these attacks obsolete without any intervention on the part of the developer. Further, they generally include a suite of authentication and authorization tools that remove the need to find or build them.
The trade-off as always is that the more tasks your framework handles for you, the less control you have over these tasks. The framework that handles the common tasks while still allowing the developer to intervene when necessary is a truly beautiful thing. It is in this regard that the Django web framework really shines. Other available web frameworks even for platforms other than Python shine to a greater or lesser degree. However, I feel that Django coupled with Python really make for a great web application platform.
I have always heard that Python comes with batteries included, and that is definitely true. No matter what problem you are solving, Python will have a library or other resource to help you solve it. The entire language seems to aspire to being as streamlined as possible. There are no helmets or handrails in Python. If you want to write poor code in Python, there is nothing preventing you from doing so. The problem with some other languages is that they seem to try to prevent programmers from writing bad code. This is impossible for a language to do, attempting this feat just complicates things for good developers. A lot of these protections are optional in Python, or are left out altogether, others are handled by convention rather than coercion. A good example of this is constants; Python does not have constants but the convention dictates that upper-case variables be treated as such. The language need not concern itself with coercing developers to do the right thing.
SmartFile uses Django, we use Python, these technologies get out of our way and allow us to write useful software. However, when we have a particularly hard or obscure problem to solve, we also have absolute control.
Developers that have used ASP, ASP.NET, JSP, PHP, Perl-CGI to develop web applications must see these technologies as stone tools now. We have entered the bronze age of web development and I for one look forward to the iron age.