I have a bash script (supports linux/unix), that installs an application.
Instead of executing the script in the terminal, I want to deploy it as a web application.
I want to make a web graphical interface for this script, so that the user can give the necessary inputs in the web forms and when ready,then pass these variables into the bash script to be executed.
This script obvious needs root privileges.
I plan to make it with with tomcat 7 / servlet / jsp. I want to deploy it as .war file.
First, can this be done? Is it possible?
Second, is there any example? I didn't find anything.
Third, any alternative method/better idea?
I'd try tomcat's own CGI support.
http://tomcat.apache.org/tomcat-6.0-doc/cgi-howto.html
Well, it's possible, but keep in mind that sanitizing user input is hard.
What you want to do is use a scripting language or framework (I recommend sinatra), and use a html form to pass arguments to the backend. In the backend, you call your script by passing whatever arguments you want.
Example with sinatra:
post '/whatever' do
# This is dangerous!
`myscript #{params[...]}`
end
Err, but you want this to run on the client side, right?
So you don't really run it as bash on your system, you just template it within your web framework.
If the browser can then display this, it won't just d/l as a file, so you will need to set up a Content-Disposition: attachment header in the response to force a d/l.
You will naturally need the user's cooperation to run this as root on his or her system...
Related
I am trying to implement some code for a GUI using openwrt and luci.
I would like to know how to implement a button or a formulary that trigger a lua command when the user submit it.
I make a lua script using ubus to control gpios and relays and now I am trying to make a GUI in which users will be allowed to control each GPIO and relays through ubus commands.
I know the commands to call ubus methods through the GUI.
I did a new page with several graphic items. Is it possible to implement a button/formulary which changes a variable and this variable will be used by a lua script?
Thank you.
Yes, there's two simple methods that can achieve this:
POST/GET request to controller.
Using Lua functions in the HTM.
The first one should not be hard to understand conceptually and you can read about POST/GET requests in JavaScript (AJAX) here: https://www.w3schools.com/jquery/jquery_ajax_get_post.asp
The second option is fine for something incredibly simple (or for testing purposes), but I would advise against using it over the first one just because there is less to type. All you need to do is simply surround your Lua code with <% (code goes here) %>.
However, there is another way which does not rely on Lua/JavaScript at all. You can make a config file (as it does seem you are saving something to it) and make an init script launch the service/change some parameters after any change to the configuration file using procd. Here's an example of how to do that: https://openwrt.org/docs/guide-developer/procd-init-scripts
Use curl commands, you can trigger a curl command when button is pressed and there by you can achieve your functionality
I am developing a Ruby script designed for CLI which is based on a REST API. This API needs a token as credentials in order to recognize the user and allows him to retrieve his informations.
For now, this scripts asks the 30-length token in the console every time it is launched.
Now I'd like to store this token to avoid asking it every time the user wants to use the script. I don't know what the best way is, do I have to create a hidden file, containing the token, or ask the user to store it in an environment variable ?
I wanted to use the environment variable solution, but I don't know if it will work the same way for Windows or Linux.
Compose all approaches. Something like this:
def get_my_token()
if ENV["MY_TOKEN"]
return ENV["MY_TOKEN"]
end
token_path = File.expand_path("~/.my_token") # will be expanded to user's home (Documents or smth) in windows, check it yourself as I don't have running windows around here
if File.exists?(token_path)
return File.read(token_path).strip
end
# resort to asking user for token here
end
ENV should go first - so you'll be able to override your config if needed for some testing purpose. Also note that you can run your script as MY_TOKEN=xxxx ruby my_app.rb as well.
Does anyone know if there is a way to load any external executable javascript from a firefox add-on extension? I looked into scriptloader.loadSubScript, but it appears that it can only load from a local resource.
Any help would be appreciated.
You can always xhr for a file, save the contents to disk, then use scriptloader.loadSubScript with an add-on
this would violate the AMO policies though, so you wouldn't be able to upload the add-on to http://addons.mozilla.org
As #erikvold already pointed out, doing so would be a security hazard AND it also violates AMO rules (because it is a security hazard).
Consider your server gets compromised, or there is a way to MITM the connection retrieving the remote script (TLS bugs anyone :p), or you sell your domain and the new owner decides to ship a script to collect credit card information straight from a user's hard disk...
However, it is possible to run a remote script in an unprivileged environment, much like it would run in a website.
Create a Sandbox. The Sandbox should be unprivileged, e.g. pass an URL in your domain into the constructor.
Retrieve your script, e.g. with XHR.
Evaluate your script in the Sandbox and pull out any data it might have generated for you.
This is essentially what tools like Greasemonkey (executing user scripts) do.
Creating and working with Sandboxes in a secure fashion is hard, and the Sandbox being unprivileged prohibits a lot of use cases, but maybe it will work for your stuff.
Try using Components.utils.import .
Example :
const {Cc,Ci,Cu} = require("chrome");
Cu.import("url/path of the file");
Note :
js file which uses DOM objects like window, navigator, etc. will return error saying "window/navigator is undefined". This is simply because the main.js code does not have access to DOM.
Refer this thread for more information.
I am working on device which has embeded OS with limited features and space. I am can't install any scripting language like php curl. I would like to know is there any way to call https url with some header values (e.g. content type) using shell script and once get response that can be displayed on web page or can write into file.
Regds
curl and wget, as already suggested, are usually available in shells. If those are not available you'll have to give more details about your platform to figure out what could be available.
You can probably try wget like this:
wget --http-user=user --http-password=password http://domain.com/dir/file
I've already read posts like Passing PHP arguments into NetBeans into a page that features symfony url-routing
but I cannot make things work.
I would like to run the following page:
http://localhost/s/web/frontend_dev.php/travel
So I tried first the "Local Website Configuration" with Netbeans 6.9.1. As stated in the linked thread there is an issue here since I can point to the project url and to the "web/frontend_dev.php" index file but I am not able to have "/travel" as an argument since Netbeans always prefixes it with ? for parameter passing which I don't want.
I the mentioned thread the solution is supposed to be using the Script Config option. Fine
I can point to php.exe and I can point to the index file again at web/frontend_dev.php but although I can pass arguments like /travel there it still does not work since it creates a whitespace in the call:
php.exe ./web/frontend_dev.php /travel
which does not work either.
It is easier to use the following:
Set the Debug URL to "Do not open Webbrowser" (Project->Properties->Run Configuration->Advanced)
Start the debugging session with Netbeans (Netbeans doesn't start a browser but waits for a XDebug connection)
Use the easy XDebug-Firefox-Plugin to start XDebug for you Symfony App (easy XDebug)
Thats it. This is working perfectly for my Symfony apps
As far as I undersand you, this is a std-situation when there is no 101-path-mapping from file-path to URL-path.
In Eclipse you can either define a completely new path-mapping or make Eclipse request a certain URL-path. In your case you would just define localhost as your server and '/s/web/frontend_dev.php/travel' as the path to attach.
I'm pretty sure there is a similar option in NetBeans as this is in times of mod-rewrite and Zend FW a very common situation.