On 01/21/2011 03:39 AM, Karel Klic wrote:
I'd like to propose two changes to the interface code:
(1) Currently the status can be obtained by accessing
"https://server/2222/", where 2222 = task id. We should support URLs
without the ending '/' - just "https://server/2222".
When doing this change I also updated the URL matching in the Apache
config file, to match our task ids (numbers only).
Reasonable, the patch looks OK.
(2) Every client access to '/2222', '/2222/log',
changes the task password. I think it's ok to generate the password only
in /create, and use the same password for all GET requests. It also
simplifies the client a lot.
The password is changing because of security. I agree that we do not
really need to change it - the crash only lives a few days. The design
document mentions 22 characters long password: 62^22 ~ 2^128. At the
moment, we are using 32 characters long password: 62^32 ~ 2^190. If
anybody finds it non-secure, we can always double the length :).
The patch looks OK.
Please consider the changes for inclusion.