POW! Server-side Javascript made easy

2007-10-16 03:58 pm
mdlbear: (hacker glider)
[personal profile] mdlbear
Plain Old Webserver
Plain Old Webserver (POW) is a fully-functional open source (GPL) webserver that works inside your browser. It uses Server Side Javascript (SJS) to deliver dynamic content.
(It also runs stand-alone on XULRunner, which is how I ran across it.)

This basically lets you take a dynamic website and run it offline. It's a lot like Google Gears, except that instead of being just an API meant to make it easy to take a web application temporarily offline, it's actually a full-bore web server. There are some intriguing possibilities.
  • Mood: geeky
Tags:
Flat | Top-Level Comments Only

Date: 2007-10-16 11:18 pm (UTC)
From: [identity profile] phillip2637.livejournal.com
From a high level of abstraction, that's rather funny: Oh, look, we just invented the "standalone application". :-)

Date: 2007-10-17 12:24 am (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
The invention is the server-side Javascript.

Date: 2007-10-16 11:20 pm (UTC)
From: [identity profile] trogula.livejournal.com
There are some intriguing possibilities.

yes - like an easy to build, cross platform (unix included) Trojan horse. I can think of some really, really nasty possibilities that I'd never want to see on my network.

No thank you. It's not hackers and other responsible people that I'm worried about with this - it's the average user lacking clue that this could do a lot of damage to.

Date: 2007-10-17 12:27 am (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
So how is it any worse than a small web server written in Java, Perl, Python, or Ruby?

Being an application or a browser extension, it has to be explicitly installed. Yes, you could undoubtedly use social engineering to get it installed by millions of clueless Windows users. So?

Date: 2007-10-18 08:49 am (UTC)
From: [identity profile] trogula.livejournal.com
It's worse, only by the ease of use by which it can be installed. Also, a browser extension is only a method of delivery - a couple of proof of concept phishing schemes I've seen could easily install this in a browser, unnoticed by the user. Also, this could be easily embedded in other browser plugins for nefarious purposes.

It's a good app.

Date: 2007-10-22 07:54 am (UTC)
From: (Anonymous)
"It's worse, only by the ease of use by which it can be installed."

Ease of use of installing harmful software? Maybe you never used IE.

POW is not only easy to install (you do have to disable popup blocker and explicitly allow the extension), but very easy to use. You fear trojans? An extension that has been reviewed by Mozilla volunteers and grilled by security experts hardly is an app to fear.

POW exposes XPCOM interfaces easily so anyone can write an extension. If you wanted to write an extension, it is a good place to start.

Dave
Flat | Top-Level Comments Only

Most Popular Tags

Links

Style Credit

Page generated 2026-01-09 07:11 am
Powered by Dreamwidth Studios