|
Title: http server backend Post by: mkurnia on June 17, 2017, 06:59:28 AM Hello danijel,
I need your suggestion for code http server that i edited a bit like this for backend system from this http://www.realthinclient.com/write-a-robust-cross-platform-server-in-199-lines/ (http://www.realthinclient.com/write-a-robust-cross-platform-server-in-199-lines/), my client use delphi, php, java, etc to build interface. Code: procedure TMyServer.DataProv_CheckRequest(Sender: TRtcConnection); thank you Title: Re: http server backend Post by: D.Tkalcec (RTC) on June 17, 2017, 08:02:21 AM What did you edit and why? I need more info on what you wanted to achieve. Comments in the CheckRequest event do not match what you are doing in code.
Title: Re: http server backend Post by: mkurnia on June 17, 2017, 08:39:10 AM i am just edit little bit in DataProv_CheckRequest and DataProv_DataReceived, sorry in CheckRequest i'm forget to change Request.Method. but i have edited now.
if use rtcdatarequest i use this code: Code: procedure TForm1.Button2Click(Sender: TObject); i want all client with different tools can access thats API server create with rtchttpserver, Which is my question whether the code like that is enough for the stability of the application server? thank you Title: Re: http server backend Post by: D.Tkalcec (RTC) on June 17, 2017, 09:17:53 AM If your Server is supposed to work with any 3rd-party Client, you will need to handle a lot of situations which you wound't need to worry about in a closed setup.
For example, if you don't limit the maximum content length you are willing to acccept, but you buffer all the request content before you start processing it, a malicious Client could missuse this to bring your Server down simply by sending you a request with several GB in the request content body and your Server would end up using all of its RAM for a single Client and eventually crash. Then, there's a question of permissions. Unless you want to make everything available to everyone publicly, your Clients shoud send the Server some sort of authentication and the Server should check that before doing anyting. Anyway ... even though I can answer any questions related to correct component usage (your code looks fine to me), what you are asking for now is consulting and this exceeds the level of support I can provide through the Forums. Title: Re: http server backend Post by: mkurnia on June 17, 2017, 09:33:15 AM If your Server is supposed to work with any 3rd-party Client, you will need to handle a lot of situations which you wound't need to worry about in a closed setup. Thank you for the advice you gave, for the problem you described above I will handle all the possibilities that will hamper or make the server becomes stuck. Including authentication I will add as well.For example, if you don't limit the maximum content length you are willing to acccept, but you buffer all the request content before you start processing it, a malicious Client could missuse this to bring your Server down simply by sending you a request with several GB in the request content body and your Server would end up using all of its RAM for a single Client and eventually crash. Then, there's a question of permissions. Unless you want to make everything available to everyone publicly, your Clients shoud send the Server some sort of authentication and the Server should check that before doing anyting. Quote Anyway ... even though I can answer any questions related to correct component usage (your code looks fine to me), what you are asking for now is consulting and this exceeds the level of support I can provide through the Forums. If I have to get more support for you, I will contact you personally.Thank you very much Danijel, |