Thursday, May 15, 2008

The slow road to implementation

There are a lot more choices to make, and details to manage, in the process of programming a web server than I would have expected. I've made a lot of decisions, trying hard not to worry too much about it, to avoid analysis paralysis.

http://warot.com/python/ contains my recent Python programs. I have to name them with .txt on the end or the web server tries to run them (and fails).

So far I've managed to get up to webserver008.py, which manages to create random numbers and keep a list of them available. At the rate I'm going, I'll have something usable in a few months, which is better than never. 8)

Should you choose to actually download and run the thing... here's what it does.

In a DOS box (or your command line equivalent):

Welcome to Mike Warot's capability based security demo web server, version 0.008

You can access it at http://127.0.0.1:81
Use control-c to tell it to shut down, which may take up to 10 seconds
started httpserver...

If you then open http://127.0.0.1:81 in a web browser, you'll get a very informative message like this:

this is the default content, not served from a file
Here are the valid tokens:

Now... for the completely undocumented and poorly written section of code... change the URL to http://127.0.0.1:81/token, and you'll get something like this:

0451a66530b72a980725745c39992239


Isn't that lovely? If you then go back to the home page at http://127.0.0.1:81 and refresh the page, now you'll see:

this is the default content, not served from a file
Here are the valid tokens:
0451a66530b72a980725745c39992239 [Revoke]

That's a list of all the tokens, with the ability to revoke one of them. That's pretty much the full extent of the power of this demo.

It's a list, with an undocumented, poorly designed and inconsistent UI... but it's a step in the right direction. Oh... and it's licensed with the GPL so you can fork the project. ;-)
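The issue / list / revoke cycle described above, as an added example that is not taken from webserver008.py. The names TokenStore and handle and the /revoke/ path are hypothetical, and drawing tokens from Python's secrets module with constant-time comparison is an assumption about how such a server should mint and check capability tokens, not a description of the original code.

```python
import hmac
import secrets


class TokenStore:
    """In-memory registry of issued capability tokens (constructed example)."""

    def __init__(self):
        self._tokens = []  # issue order is preserved for the listing

    def issue(self):
        # 16 bytes from the OS CSPRNG -> 32 hex characters, the same shape
        # as the token shown in the post.
        token = secrets.token_hex(16)
        self._tokens.append(token)
        return token

    def is_valid(self, candidate):
        # Check every stored token with a constant-time comparison so the
        # response time does not reveal how much of a guess matched.
        ok = False
        for token in self._tokens:
            ok |= hmac.compare_digest(token.encode(), candidate.encode())
        return ok

    def revoke(self, candidate):
        if not self.is_valid(candidate):
            return False
        self._tokens = [t for t in self._tokens if t != candidate]
        return True

    def listing(self):
        return list(self._tokens)


def handle(store, path):
    """Map a request path to (status, body), mirroring the demo's pages."""
    if path == "/":
        lines = ["this is the default content, not served from a file",
                 "Here are the valid tokens:"]
        lines += [f"{t} [Revoke]" for t in store.listing()]
        return 200, "\n".join(lines)
    if path == "/token":
        return 200, store.issue()
    if path.startswith("/revoke/"):  # hypothetical route, not from the post
        ok = store.revoke(path[len("/revoke/"):])
        return (200, "revoked") if ok else (404, "unknown token")
    return 404, "not found"
```

A revoked token fails is_valid immediately, which is the property that makes a bearer-style capability safe to hand out in a URL.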

I hope to get a reasonable list view with the ability to issue tokens without having to mung the URL in the next day. Code to actually give out capabilities to edit a resource should be next week.

It's slow going, isn't it?

--Mike--
