[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Future of Web Application in Gambas
[Thread Prev] | [Thread Next]
- Subject: Re: Future of Web Application in Gambas
- From: Linus <olivier.cruilles@xxxxxxxx>
- Date: Mon, 21 Apr 2025 17:36:39 -0400
- To: Benoît Minisini <benoit.minisini@xxxxxxxxxxxxxxxx>
- Cc: Linus <olivier.cruilles@xxxxxxxx>, user@xxxxxxxxxxxxxxxxxxxxxx
Sound good for me. Let’s go with that and we will see how it works. Thank you Benoit Olivier > Le 21 avr. 2025 à 16:57, Benoît Minisini <benoit.minisini@xxxxxxxxxxxxxxxx> a écrit : > > Le 21/04/2025 à 22:09, Linus a écrit : >> Ok so apparently I was wrong. >> So, could it be possible to improve this component with little >> features ? >> 1 - Could it be possible to set the « .public » folder, normally >> managed by the internal libthttpd Web Server, as option in command >> line Ex: add a GB_HTTPD_PUBDIR=<path to .public> to the gbr3 >> command >> Because if the project is started by his compiled *.gambas >> executable, the « .public » directory is not anymore writable and I >> need write into during the usage of the Web Application > > The ".public" directory of the project is only for read-only resource files that have no restrictions. > >> 2 - Could it be possible to have a restricted Directory, available >> by the libthttpd Web Server, ONLY if a session is VALID. Like that >> the libthttpd will be able to deserve normal .public files, and when >> a session is VALID, the libhttptd server will be able to deserver >> also secret/securised data. >> Just to explain, in my last Web Application project, once the user >> is authenticated, he can upload files to the application, through >> the web Browser. Once the file is received by the Web Application, >> it is stored in a directory, outside the « .public » because if it >> is stored into the « .public » directory, the file will available, >> potentially, for all people without authentication. This is due to >> the fact the libthttpd Web server deserver all files into « .public >> », simply when requested by the browser, that is normal in my point >> of view. So to permit the download by the Browser (initiated by the >> user) of restricted files, when requested, I create a temporary >> symbolic link in the « .public » pointing to the original file, >> available only few secondes, just the time for the user to download >> it. Once the file has been downloaded (delay in seconds), the >> symbolic link is removed, denying totally the possibility for anyone >> to download it without authentication. >> Maybe I’m in special case but I think Web Application that allow to >> send/receive file are common today. >> Thank you >> Olivier > > Instead of implementing special directories inside or outside the project, and hacks like that, I would prefer implementing the two followings features: > > 1) A button that allows the user to download something. > > You will tell the button the path of the file on the server, and it will handle everything automatically. > > 2) An object that can intercept HTTP requests so that you can create your own special requests and handle them manually. > > What do you think? > > -- Benoît Minisini.
| Future of Web Application in Gambas | Linus <olivier.cruilles@xxxxxxxx> |
| Re: Future of Web Application in Gambas | Benoît Minisini <benoit.minisini@xxxxxxxxxxxxxxxx> |
| Re: Future of Web Application in Gambas | Linus <olivier.cruilles@xxxxxxxx> |
| Re: Future of Web Application in Gambas | Benoît Minisini <benoit.minisini@xxxxxxxxxxxxxxxx> |