12 Apr
2013
12 Apr
'13
9:38 a.m.
Hi,
I am a first year undergraduate at IIT Roorkee.
I saw the list of proposed projects for GSoC 2013 and I am really
interested to work on the project idea of AJAX Error Reporting as I have
worked on a few projects based on JavaScript AJAX and was really excited
about it.
I have been working with JavaScript and jQuery since 2 years and I consider
myself as having a good working knowledge of it. I am really excited about
this project and would like to contribute.
I recently developed a simple yet elegant todo web application using AJAX,
the source code for which can be found
here<http://github.com/abhikandoi2000/flowork>
.
For the Error Reporting part I would like to suggest the following ideas:
1). Using JSON for the data-exchange b/w the server and client.
2). Encryption of sensitive information for protection from eavesdropping.
3). Authentication to confirm that the request is made by a valid user.
I was also thinking of a webpage to visualize the amount of
errors occurred over a period of time. As in this can include graphs
helping the user to identify amount of errors occurred over time and also a
log list of errors in chronological order.
Please comment to let me know if these features would be helpful to the
phpMyAdmin project.
It would be helpful if you could provide me with some details about how to
proceed further for GSoC .
Abhishek Kandoi
12 Apr
12 Apr
9:57 a.m.
Abhishek Kandoi a écrit :
Hi,
I am a first year undergraduate at IIT Roorkee.
(...)
It would be helpful if you could provide me with some
details about how to
proceed further for GSoC .
Hi,
visit http://phpmyadmin.net and click on "GSoC 2013".
--
Marc Delisle
http://infomarc.info
5:02 p.m.
On 04/12/2013 01:38 PM, Abhishek Kandoi wrote:
Hi,
I am a first year undergraduate at IIT Roorkee.
I saw the list of proposed projects for GSoC 2013 and I am really
interested to work on the project idea of AJAX Error Reporting as I have
worked on a few projects based on JavaScript AJAX and was really excited
about it.
I have been working with JavaScript and jQuery since 2 years and I
consider myself as having a good working knowledge of it. I am really
excited about this project and would like to contribute.
I recently developed a simple yet elegant todo web application using
AJAX, the source code for which can be found here
<http://github.com/abhikandoi2000/flowork>.
Hi Abhishek,
have you got a live demo of this application that I could try?
From your email, I'm getting the feeling that you didn't fully
understand where the different components of the system will reside...
The server-side component of this system will not be for the users of
phpMyAdmin or administrators of individual phpMyAdmin installations, it
will, instead, be used by the members of the phpMyAdmin development
team[0] to globally diagnose issues.
For the Error Reporting part I would like to suggest
the following ideas:
1). Using JSON for the data-exchange b/w the server and client.
2). Encryption of sensitive information for protection from eavesdropping.
3). Authentication to confirm that the request is made by a valid user.
1) JSON will be fine.
2) I guess that we don't need encryption as a feature. What we really
need is to remove sensitive information from requests altogether, so
that there will be nothing to hide in the first place. Also, this way we
address the issue of users' concern about privacy.
3) No need for authentication, either. AFAIK, there is no way that we
can check if the request is valid, as phpMyAdmin users are not known to
us. The worst case scenario that I can think of here, is dealing with a
DoS attack.
I was also thinking of a webpage to visualize the
amount of
errors occurred over a period of time. As in this can include graphs
helping the user to identify amount of errors occurred over time and
also a log list of errors in chronological order.
This part of the application is where most of the work will be. So, it
needs to be fully thought through on your part. Charts are a nice idea,
but they must display information that is actually useful :)
Please comment to let me know if these features would
be helpful to the
phpMyAdmin project.
It would be helpful if you could provide me with some details about how
to proceed further for GSoC .
The wiki is pretty comprehensive on the matter. Do you have a more
specific question?
Bye,
Rouslan
[0]: http://www.phpmyadmin.net/home_page/team.php
14 Apr
14 Apr
9:02 a.m.
Le 2013-04-12 16:02, Rouslan Placella a écrit :
3) No need for authentication, either. AFAIK, there is
no way that we
can check if the request is valid, as phpMyAdmin users are not known to
us. The worst case scenario that I can think of here, is dealing with a
DoS attack.
Isn't this a threat big enough to cancel this project?
--
Marc Delisle
http://infomarc.info
10:56 a.m.
On 04/14/2013 01:02 PM, Marc Delisle wrote:
Le 2013-04-12 16:02, Rouslan Placella a écrit :
Well, no, it's not that big of a deal as far as I can see. First, this
is not likely, but then we'll just need to rate-limit requests. A per-IP
limit would help here, but we might also want to have a global limit to
help with possibility of distributed attacks. After the limit is reached
a request would just get a "429 Too Many Requests", and the client, of
course, will know how to deal with that.
Bye,
Rouslan
3) No need for authentication, either. AFAIK,
there is no way that we
can check if the request is valid, as phpMyAdmin users are not known to
us. The worst case scenario that I can think of here, is dealing with a
DoS attack.
Isn't this a threat big enough to cancel this project?
4164
days inactive
4166
days old
4 comments
3 participants
participants (3)
-
Abhishek Kandoi -
Marc Delisle -
Rouslan Placella