[squeak-dev] The Inbox: WebClient-Help-hjh.12.mcz
Tobias Pape
Das.Linux at gmx.de
Thu Mar 21 08:22:49 UTC 2019
> On 21.03.2019, at 09:17, commits at source.squeak.org wrote:
>
> A new version of WebClient-Help was added to project The Inbox:
> http://source.squeak.org/inbox/WebClient-Help-hjh.12.mcz
>
> ==================== Summary ====================
>
> Name: WebClient-Help-hjh.12
> Author: hjh
> Time: 21 March 2019, 9:17:15.221027 am
> UUID: de170216-199a-4a97-9611-ca13691657f1
> Ancestors: WebClient-Help-kfr.11
>
> Replace Smalltalk with SmalltalkImage current.
>
Why? Especially, since SmalltalkImage class>>current reads:
current
"Deprecated. Use Smalltalk instead."
^Smalltalk
Best regards
-Tobias
> =============== Diff against WebClient-Help-kfr.11 ===============
>
> Item was changed:
> ----- Method: WebServerHelp class>>addingActions (in category 'pages') -----
> addingActions
> "This method was automatically generated. Edit it using:"
> "WebServerHelp edit: #addingActions"
> + ^(HelpTopic
> - ^HelpTopic
> title: 'Adding Actions'
> contents:
> 'Let''s add some real stuff that might be useful on a server:
>
> WebServer default addService: ''/smalltalk'' action:[:req| | action |
> action := (req fields at: ''get'' ifAbsent:['''']) asSymbol.
> + req send200Response: (SmalltalkImage current perform: action) asString
> - req send200Response: (Smalltalk perform: action) asString
> ].
>
> We can now request some interesting things like:
>
> (WebClient httpGet:''http://localhost:8080/smalltalk?get=systemInformationString'') content.
> (WebClient httpGet:''http://localhost:8080/smalltalk?get=platformName'') content.
>
> Obviously, this poses quite a risk for abuse. One way to limit this risk is to expose specific actions, such as here:
>
> #(systemInformationString platformName) do:[:symbol|
> WebServer default addService: ''/info/'', symbol action:[:req|
> req send200Response: (Smalltalk perform: symbol) asString]].
>
> (WebClient httpGet:''http://localhost:8080/info/systemInformationString'') content.
> (WebClient httpGet:''http://localhost:8080/info/platformName'') content.
>
> Alternatively, authentication can be used to limit access to exposed resources.
> !!
> + ]style[(72 7 1 11 1 12 1 7 2 3 1 1 1 1 6 1 1 3 6 1 2 1 1 3 1 6 1 3 1 5 1 9 4 1 1 8 4 3 1 16 1 1 23 8 1 6 1 1 8 68 8 61 2 7 14 8 50 2 7 126 23 1 12 2 3 2 6 1 13 7 1 11 1 8 1 1 6 1 7 1 1 3 1 4 3 1 16 1 1 10 8 1 6 1 1 8 1 16 8 52 2 7 14 8 41 2 7 84),c000000126,,c000000126,,c126000126,,c000000126,,c000000126,cgray;,,cgray;,,cgray;,,cgray;,,cgray;,,b,,c000126000,c000000126,,c000000126,,c000000126,,c126000126,,c000000126,c126000126,c000126000,,c000000126,,c000000126,,c000000126,,c000126000,,c000000126,,cgray;,c000126000,,c000000126,,c000000126,c126000126,,c000000126,,c000000126,c126000126,,c000000126,,c000000126,,c000000126,,c000000126,,c000000126,cgray;,,c000000126,,c000000126,,c126000126,c000000126,,c000000126,,c000000126,c000126000,,c000000126,cgray;,,c000000126,,c000000126,,c126000126,,c000000126,,c000000126,c126000126,,c000000126,c000126000,,c000000126,c126000126,,c000000126,,c000000126,c126000126,,c000000126,!!' readStream nextChunkText)
> + key: #addingActions!
> - ]style[(61 11 7 1 11 1 12 1 7 2 3 1 1 1 1 6 1 1 3 6 1 2 1 1 3 1 6 1 3 1 5 1 9 4 1 1 8 4 3 1 16 1 1 10 8 1 6 1 1 8 5 51 12 8 61 2 7 14 8 50 2 7 2 121 3 23 1 12 2 3 2 6 1 13 7 1 11 1 8 1 1 6 1 7 1 1 3 1 4 3 1 16 1 1 10 8 1 6 1 1 8 1 3 1 12 8 52 2 7 14 8 41 2 7 2 82),cblack;,c000000127,cblack;,c000000127,cblack;,c127000127,cblack;,c000000127,cblack;,c000000127,cgray;,cblack;,cgray;,cblack;,cgray;,cblack;,cgray;,cblack;,cgray;,cblack;,b,cblack;,c000127000,c000000127,cblack;,c000000127,cblack;,c000000127,cblack;,c127000127,cblack;,c000000127,c127000127,c000127000,cblack;,c000000127,cblack;,c000000127,cblack;,c000000127,cblack;,c000127000,cblack;,c000000127,cblack;,cgray;,c000127000,cblack;,c000000127,cblack;,,cblack;,c000000127,c127000127,cblack;,c000000127,cblack;,c000000127,c127000127,cblack;,c000000127,cblack;,,cblack;,c000000127,cblack;,c000000127,cblack;,c000000127,cblack;,c000000127,cgray;,cblack;,c000000127,cblack;,c000000127,cblack;,c127000127,c000000127,cblack;,c000000127,cblac
> k;,c000000127,c000127000,cblack;,c000000127,cgray;,cblack;,c000000127,cblack;,c000000127,cblack;,c127000127,cblack;,c000000127,cblack;,c000000127,c127000127,cblack;,c000000127,c000127000,cblack;,,cblack;,c000000127,c127000127,cblack;,c000000127,cblack;,c000000127,c127000127,cblack;,c000000127,cblack;,!!' readStream nextChunkText!
>
>
More information about the Squeak-dev
mailing list
|