On 12/21/2019 9:25 PM, Matt Jadud wrote:
My off-list thought (which was largely because I wasn't sure it would even work) was to run a second web server on another port that was bound to localhost. Then, SSH onto the localhost when needed, and squirt values into the locally bound webserver as needed. Depending on the server config (e.g., you're the only one on it) would make this reasonably secure. (If someone got onto your host, you probably aren't worrying about the hash table of parameters...)
Certainly you can run a 2nd web server on a different port, but IMHO that is overkill.
I use shared secrets to secure my setting page: a hidden parameter whose value is a cryptohash of a shared pass-phrase. If that parameter isn't present, the web server returns "unknown URL" rather than the setting page.
George -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/253b8bc1-842c-e3df-ae45-cedd7f4e2fce%40comcast.net.
