[racket] Stateless Web Server: Generating a response on a stuffer error
Wow. Thank you very much.
On Tue, Apr 24, 2012 at 4:31 PM, Jay McCarthy wrote:
> There was no way to do this, but I just added the 92nd keyword to
> serve/servlet to do it:
>
> #:servlet-responder
> (λ (url exn)
> (response/xexpr
> `(html (body "Some other message"))))
>
> allows you to inspect the exception and return a different thing.
>
> (The push will happen shortly.)
>
> Jay
>
> On Mon, Apr 23, 2012 at 3:35 PM, Galler <lzgaller at optonline.net>
> wrote:
>> Description:
>>
>> the stateless webserver allows a user to generate a stuffer to
>> manipulate
>> the encoding of the ANF sent to the client in the URL
>>
>> For example
>>
>> (stuffer-chain serialize-stuffer (stuffer-compose base64-stuffer
>> (HMAC-SHA1-stuffer #"mysupersecretkey")))
>>
>> will prepend a digest to the base64-encoded ANF, and recompute and
>> authenticate the digest on receipt.
>>
>> If either the encoded ANF, or the digest has been altered (i.e.
>> forged) by
>> the client, the stuffer correctly throws an error, which is caught by
>> the
>> webserver, which sends the following response back to the client:
>>
>> <some html>
>> Exception
>>
>> The application raised an exception with the message:
>>
>> HMAC-SHA1-stuffer: Signature does not match!
>>
>> </some html>
>>
>> Question:
>>
>> While the behavior is absolutely correct, is there someplace to set a
>> response if an error occurs with the stuffer? Is the error caught at
>> the
>> top-level of the dispatching server and not available for
>> customization?
>>
>> If the answer is the latter, its ***not*** critical and probably not
>> important to implement.
>>
>> Example code: Once running, alter the url in your browser in any
>> manner
>> (character addition, deletion, substitution) to generate the expected
>> error.
>>
>> #lang web-server
>>
>>
>> (require web-server/stuffers)
>> (provide/contract (start (request? . -> . response?)))
>>
>> (define (start request)
>> (phase-1 request))
>>
>> ; phase-1: request -> response
>> (define (phase-1 request)
>> (local [(define (response-generator embed/url)
>> (response/xexpr
>> `(html
>> (body (h1 "Phase 1")
>> (a ((href ,(embed/url phase-2)))
>> "click me!")))))]
>> (send/suspend/dispatch response-generator)))
>>
>> ; phase-2: request -> response
>> (define (phase-2 request)
>> (display (request-bindings/raw request))
>> (local [(define (response-generator embed/url)
>> (response/xexpr
>> `(html
>> (body (h1 "Phase 2")
>> (a ((href ,(embed/url phase-1)))
>> "click me!")))))]
>> (send/suspend/dispatch response-generator)))
>>
>>
>> (require web-server/servlet-env)
>> (serve/servlet start
>> #:stateless? #t
>> #:launch-browser? #t
>> #:connection-close? #t
>> #:stuffer (stuffer-chain serialize-stuffer
>> (stuffer-compose
>> base64-stuffer (HMAC-SHA1-stuffer #"mysupersecretkey")))
>> #:quit? #f
>> #:listen-ip #f
>> #:servlet-path "/")
>> ____________________
>> Racket Users list:
>> http://lists.racket-lang.org/users
>
>
>
> --
> Jay McCarthy <jay at cs.byu.edu>
> Assistant Professor / Brigham Young University
> http://faculty.cs.byu.edu/~jay
>
> "The glory of God is Intelligence" - D&C 93
![[logo]](/logo.png){kind=logo}