Ideally the html file would be hosted on some sort of cloud or local server to save on cost, the problem is the core ID and encryption key then goes public in the html file. Essentially I’m trying to figure out the easiest way to make this happen without compromising security.
Has anyone successfully run webduino while accessing html from the SD card yet?
Is there a simple Mac/PC webserver I could present to people who are interested in my DIY project?
I’m running a simple webserver using the Webserver library and added the customized uSD-adapter to read HTML files from a micro SD card using the SD library. I have also ordered the FRAM/SD shield, which should be compatible, but this one is still somewhere in it’s weeks-long journey from the far east to western Europe.
I can confirm that my SD setup works (most of the time), but the server isn’t 100% stable. I haven’t found the cause of instability yet, but suspect the CC3K driver of the WiFi part to behave unstable due to blocking. I do believe that when the Core is in-between, serving files from SD gives much more stability than serving them somehow from a cloud. In my case only a few files per hour are served and I expect the core to be even less stable when serving requests more frequently.
In my particular case I improved stability significantly by switching off the connection to the Spark cloud shortly after starting up. The various hangups are now much less frequent. However, it still hangs from time to time (most often during daytime and right after serving a page request). And those hangups most often return control after a 60 second timeout. To improve usefulness, I additionally added a watchdog function that regularly pings my gateway and automatically resets the Core after lengthy time-outs. Attempts to recover the network connection using various wifi functions failed and took too long, so for now I’ll settle for a reset that causes less than a minute of downtime.
@maxint I’m looking to serve one very simple file, and I don’t believe it will be accessed very often. In terms of disconnecting from cloud, my code depends on RTC so I’m not sure that’s a good idea. If it resets temporarily that’s also fine as the pumps only need to run a couple times per day or less. And when they do run, they only run for a few minutes.
I need to do some testing on this. I also need to consider figuring out a way to host a secure HTML file, just haven’t done that before. That’s my plan B.
I know there have been other discussions around this in the forums before. To avoid sending your keys to the browser, you’ll want to proxy the requests through your web server, using some flavor of server-side processing (php, nodejs, ruby on rails, python, etc).
I’m starting to wonder how much interest there might be in some sort of generic web service to handle this.
No, .htaccess is specific for Apache. However, by using the proper code you should be able to implement password authentication. I saw a bit of that in the Webserver library code, but have no further experience using that specific implementation…
Well that’s what I’m referring to, is hosting on an apache server at the moment. If I host the HTML file on my server, or any server, would an .htaccess file be strong enough for the moment?
I’m looking for some front end software that would allow for users to create accounts, any ideas on that? I have hosting on hostmonster.com and would love to be able to test it out for this purpose.
Okay, I was still thinking of the case where the Spark Core would host the file…
Strong enough for what? To keep hackers from your server I would not rely on a plain .htaccess file, however an .htaccess file can include more elaborate statements to keep the most common hacking-methods away from your server. In most cases I also use software such as CSF and when releasing a Wordpress website, I add WP-specific security plugins…
