NMControl, JSON-RPC, and REST

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: NMControl, JSON-RPC, and REST

Post by phelix »

Should be human readable and machine readable. I would prefer to leave http status codes out of the API error messages.

I would always return a dict. One can quickly check whether there is an item "error" - if it is not there then everything is fine.

---> Variant #2
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

phelix wrote:Should be human readable and machine readable. I would prefer to leave http status codes out of the API error messages.

I would always return a dict. One can quickly check whether there is an item "error" - if it is not there then everything is fine.

---> Variant #2
Sounds good, I'll see if I can have a pull request ready soon.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

Hello phelix (or anyone else interested),

I'm trying to figure out the most efficient way of making some plugin methods "privileged" (i.e. untrusted users can't execute them). For example, starting and stopping plugins should not be possible by untrusted users. (This is particularly an issue since malicious websites can call arbitrary NMControl methods by sending HTTP requests to localhost.)

The rough idea I have, is to have a list of "public" methods in each plugin, which the Bottle handler can check before calling a method. If the requested method is not in the list of public methods, then the HTTP request should fail.

This is a little bit intrusive since it involves adding one line of code to each plugin, and that line needs to be edited if any additional public methods are added later. Is there a better way that I'm not thinking of, or should we just go with that?

Cheers.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: NMControl, JSON-RPC, and REST

Post by phelix »

biolizard89 wrote:Hello phelix (or anyone else interested),

I'm trying to figure out the most efficient way of making some plugin methods "privileged" (i.e. untrusted users can't execute them). For example, starting and stopping plugins should not be possible by untrusted users. (This is particularly an issue since malicious websites can call arbitrary NMControl methods by sending HTTP requests to localhost.)

The rough idea I have, is to have a list of "public" methods in each plugin, which the Bottle handler can check before calling a method. If the requested method is not in the list of public methods, then the HTTP request should fail.

This is a little bit intrusive since it involves adding one line of code to each plugin, and that line needs to be edited if any additional public methods are added later. Is there a better way that I'm not thinking of, or should we just go with that?

Cheers.
I'm not quite sure I follow you... no websites should be able to call NMControl methods at all.

In Python private functions start with an underscore but it is purely a visual difference.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

phelix wrote:
biolizard89 wrote:Hello phelix (or anyone else interested),

I'm trying to figure out the most efficient way of making some plugin methods "privileged" (i.e. untrusted users can't execute them). For example, starting and stopping plugins should not be possible by untrusted users. (This is particularly an issue since malicious websites can call arbitrary NMControl methods by sending HTTP requests to localhost.)

The rough idea I have, is to have a list of "public" methods in each plugin, which the Bottle handler can check before calling a method. If the requested method is not in the list of public methods, then the HTTP request should fail.

This is a little bit intrusive since it involves adding one line of code to each plugin, and that line needs to be edited if any additional public methods are added later. Is there a better way that I'm not thinking of, or should we just go with that?

Cheers.
I'm not quite sure I follow you... no websites should be able to call NMControl methods at all.

In Python private functions start with an underscore but it is purely a visual difference.
Any website can issue an HTTP request to any REST service on any server; this is how web browsers work. In our case, the same-origin policy will prevent the website from seeing the content of the response. However, we need to make sure that NMControl will not do something stupid if it receives such a request. Most of the methods are safe, in that the worst they can do is trigger a DNS lookup (which websites can already do anyway). The main exception (in current method set) is starting/stopping plugins, but this may change if we add other methods to NMControl in the future.

The underscore isn't really suitable, because right now NMControl already uses the underscore to indicate that a method isn't callable by the user at all. Also, we might want finer-grained control than a boolean in the future.

I think just storing a list of public methods for each plugin makes sense, unless you have a proposal for another method?
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: NMControl, JSON-RPC, and REST

Post by phelix »

We could also use Python decorators http://thecodeship.com/patterns/guide-t ... ecorators/
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

phelix wrote:We could also use Python decorators http://thecodeship.com/patterns/guide-t ... ecorators/
Good idea. I think I've got something working now; I'll send a PR shortly.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: NMControl, JSON-RPC, and REST

Post by phelix »

Nice trick using the func_dict. Will take a closer look and test but it will take me a while.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: NMControl, JSON-RPC, and REST

Post by biolizard89 »

phelix wrote:Nice trick using the func_dict. Will take a closer look and test but it will take me a while.
Sure, no worries. (Anyone else want to test?)
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

Post Reply