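I am currently trying to build a Flask web API that can receive Python objects in a POST request.
I use Python 3.7.1 to create the request and Python 2.7 to run the API. The API is set up to run on my local machine. The object I am trying to send to my API is a RandomForestClassifier object from sklearn.ensemble, but it could be any of a wide variety of object types.
So far I have tried json.dumps() on my object, but the object is not JSON serializable. I have also tried pickle.dumps() on my object, but this caused an error when trying to load the object on the API side. Also, since the API will receive requests from anonymous users, I am worried about performing pickle.loads() on a possibly malicious object.
Is this a grounded worry? And if so, what is the best way to send any Python object in a POST request?
The script performing the POST request: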
import requests
import pickle
url = "http://localhost:5000/flask-api-function"
# the object I want to send is the 'model' object
data = pickle.dumps(model)
r = requests.post(url,data=data)
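Flask API:
import pickle
from flask import Flask, request
app = Flask(__name__)
@app.route('/flask-api-function', methods=['POST'])
def flask_api_function():
    model = pickle.loads(request.get_data())  # deserializes the raw request body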
With this setup, trying to decode the data with pickle actually results in an error:
Traceback (most recent call last):
  File "/Library/Python/2.7/site-packages/flask/app.py", line 2309, in __call__
    return self.wsgi_app(environ, start_response)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 2295, in wsgi_app
    response = self.handle_exception(e)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1741, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/Users/larssuanet/Documents/enjins/dscs/flask_api.py", line 39, in store_model
    model = pickle.loads(request.get_data())
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/pickle.py", line 1382, in loads
    return Unpickler(file).load()
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/pickle.py", line 858, in load
    dispatch[key](self)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/pickle.py", line 886, in load_proto
    raise ValueError, "unsupported pickle protocol: %d" % proto
ValueError: unsupported pickle protocol: 3
Is there a way to do this that is both elegant and safe?
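An added example, not part of the original post: it shows where the "unsupported pickle protocol: 3" error comes from (the protocol byte in the pickle header) and a receiver that accepts only plain-data pickles by refusing every global lookup. It runs on Python 3; `pickle_protocol`, `DataOnlyUnpickler`, `safe_loads` and the sample `params` are hypothetical names, and it assumes the payload is plain data such as a dict of parameters rather than an estimator object.

```python
import io
import pickle
from collections import OrderedDict


def pickle_protocol(data):
    """Return the protocol number declared in a pickle's PROTO header."""
    # Protocol 2 and later start with opcode 0x80 followed by the version byte;
    # protocols 0 and 1 carry no header.
    if len(data) >= 2 and data[0] == 0x80:
        return data[1]
    return 0


class DataOnlyUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global (class or function) lookup."""

    def find_class(self, module, name):
        # Any class or callable named in the stream is resolved through here,
        # so raising leaves only built-in scalars and containers loadable.
        raise pickle.UnpicklingError("global %s.%s is not allowed" % (module, name))


def safe_loads(data, max_protocol=2, max_bytes=1 << 20):
    """Load a plain-data pickle, checking size and protocol first."""
    if len(data) > max_bytes:
        raise ValueError("payload too large")
    proto = pickle_protocol(data)
    if proto > max_protocol:
        # Same condition the Python 2.7 server reports in the traceback above.
        raise ValueError("unsupported pickle protocol: %d" % proto)
    return DataOnlyUnpickler(io.BytesIO(data)).load()


if __name__ == "__main__":
    # Constructed sample: model settings as plain data, not the estimator itself.
    params = {"n_estimators": 100, "max_depth": None, "classes": [0, 1]}
    print(pickle_protocol(pickle.dumps(params, protocol=3)))  # Python 3.7's default protocol
    blob = pickle.dumps(params, protocol=2)  # highest protocol Python 2.7 reads
    print(safe_loads(blob))
    try:
        safe_loads(pickle.dumps(OrderedDict(a=1), protocol=2))
    except pickle.UnpicklingError as exc:
        print("rejected:", exc)
```

A pickled RandomForestClassifier is rejected by this loader as well, because its stream names sklearn classes that would have to be resolved through `find_class`.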