World: r3wp

Graham: maybe I've missed the meaning of your question, you were 
talking from the module perspective ? From within a module's callback, 
to generate a 404, just use : req/out/code: 404 return true

What are your thoughts regarding SSL discussion earlier?

Here's Doc's 404 mod with processing for custom 404 page

install-HTTPd-extension [
    name: 'mod-404
	
    order: [
        filter-output	first
    ]
	
    filter-output: func [svc req conf][
        either req/out/code = 404 [
            
			req/out/code: 404
			req/out/content: "YOUR 404 HTML HERE"
			true
        ][
            none
        ]
    ]
]

note everytime you change this module you need to restart .. should 
probably change req/out/content to... 
req/out/content: read %mycustom404.html

Can then change the 404 page without restarting server

How you detect that the page request is http and not https so that 
you can redirect the request?

It's in the req object i guess?  try req/in/path

and parse

Ok.

Im finding the 404 mods second either block [none] is not working.. 
getting a 204 'no content' error

or it's not loading the existing file?

actually.. it's fine.

Using this stunnel means that remoteip is all 127.0.0.1 :(

-T
    Transparent proxy mode.


    If your machine supports it, stunnel will operate in transparent 
    proxy mode. Thus it will connect to the destination machine as if 
    it were the remote/client. In other words, the service to which you're 
    connecting will see the actual source IP address, rather than the 
    machine upon which this stunnel daemon is running. Helpful to maintain 
    good logs.

-p file

tansparent mode works on linux... not stated if it works for win32

ssl is just as easy.

Terry, in theory, it should be possible to reload the module code 
while the server is running, in practice, the internal framework 
is lacking a few functions to allow you to do that. Maybe I should 
make such feature available through the RConsole service (thinking 
loud).

SSL support, currently the only way to support SSL for Cheyenne is 
sTunnel.

A method to distinguish between SSL request (coming from stunnel) 
or normal HTTP request, is to make Cheyenne listens on 2 ports : 
80 and 443 (for example, could be any port <> 80) and configure stunnel 
to redirect the decrypted SSL traffic to port 443. Then in your RSP, 
request/server-port will tell which port was used to receive the 
request. Example :

switch request/server-port [
	80  [...normal HTTP traffic...]
	443 [...SSL traffic...]
]

need to be careful not to allow users to access http://yourhost:443 
though :)

sure ;-)

maybe it would be a good idea to not use 443 but, e.g., 10443 and 
make sure to have a firewall rule blocking 10443 from outside.

if you want to experiment with such configuration, you need to change 
a few lines in cheyenne.r to make it listen on 2 ports. This is the 
procedure :

In %cheyenne.r, replace the following line :

    uniserve/boot/with []
    
by :

    uniserve/boot/with/no-loop []
    uniserve/control/start 'HTTPd 10443
    do-events

You could instantiate as much HTTPd server as you want by duplicating 
the uniserve/control/start line. Btw, you can do that with any UniServe 
services while your server is running through RConsole ;-)

If you can't block the traffic from outside using firewall rules, 
you can reject connections on port 10443 from within the HTTPd service 
by overloading the 'on-new-client callback and adding a check like 
this :

if all [
	client/local-port = 10443
	client/remote-ip <> 127.0.0.1
][
	close-client
	exit
]


This wouldn't be as efficient and secure as using a firewall, but 
should be suitable for most cases.

What is the problem with localhost:443 you describe?

If Stunnel listens on that port, it simply redirects traffic to your 
uniserve egnine, which listens on different port, no?

right, in fact, you could not make Cheyenne listen on 443 is stunnel 
is already running (because it will already use it).

that is my point .... but I am not strong with security issues, so, 
I better asked :-)

is stunnel => if stunnel

so you simulate https via stunnel? Does it work? I thought that Stunnel 
is mainly to create VPNs, so that you need stunnel on both sides?

stunnel basic usage is to add SSL functionnality as wrapper to non-SSL 
daemons. So it gives you HTTPS for free ;-)

Just a question about session data .. is that all stored in a cookie 
so that a client can alter session data, or is just the session key 
available to the client?

only the key, session data is kept server side

right, the session cookies are just random keys, all session data 
is kept in Cheyenne's memory.

IIRC it is not recommended to store any actual data in cookie itself 
...

How would I send a binary file to a client?  Do I set up the correct 
http content headers, read/binary on the file, and then print it?

Isn't this just a mime-type issue?  Get the extension/file-type and 
let the browser
handle the download off a link?  Or am I missing something?

there's no link.

ahh...

when the client clicks on the download, I have to retrieve the file 
from outside the web space

im guessing...  

req/out/headers:  List of [name [word!] value [string!]] header pairs
req/out/content: to-binary read file

I'll give it a go.

Terry, I guess that Graham's question is related to RSP context, 
not Cheyenne module programming. (btw, the correct way to set HTTP 
headers in module is to use the 'h-store function (see in %mod-static 
for examples).

Graham: look in %docs/rsp-api.html, see in Response Object / buffer, 
you'll have an example of the correct way to send an image file to 
the browser (just set the correct mime type for your own file).

Thanks

I got it working for pdf and jpg, but when I use response/set-header 
'Content-type "image/tiff"  .. it downloads something, but locks 
up FF completely!

try it in REBOL console, download and save the tiff file and try 
to open it to verify that your image is ok.

if you wish to try it ...in FF only as IE can't see the animated 
menus


https://www.compkarori.co.nzas guest 1234 .. click on results->imaging 
, click on the Letter link, and then the link to the tif image ( 
A new one I just uploaded ).