Hi,
I am a first year undergraduate at IIT Roorkee. I saw the list of proposed projects for GSoC 2013 and I am really interested to work on the project idea of AJAX Error Reporting as I have worked on a few projects based on JavaScript AJAX and was really excited about it.
I have been working with JavaScript and jQuery since 2 years and I consider myself as having a good working knowledge of it. I am really excited about this project and would like to contribute.
I recently developed a simple yet elegant todo web application using AJAX, the source code for which can be found herehttp://github.com/abhikandoi2000/flowork .
For the Error Reporting part I would like to suggest the following ideas: 1). Using JSON for the data-exchange b/w the server and client. 2). Encryption of sensitive information for protection from eavesdropping. 3). Authentication to confirm that the request is made by a valid user.
I was also thinking of a webpage to visualize the amount of errors occurred over a period of time. As in this can include graphs helping the user to identify amount of errors occurred over time and also a log list of errors in chronological order.
Please comment to let me know if these features would be helpful to the phpMyAdmin project.
It would be helpful if you could provide me with some details about how to proceed further for GSoC .
Abhishek Kandoi
Abhishek Kandoi a écrit :
Hi,
I am a first year undergraduate at IIT Roorkee.
(...)
It would be helpful if you could provide me with some details about how to proceed further for GSoC .
Hi, visit http://phpmyadmin.net and click on "GSoC 2013".
On 04/12/2013 01:38 PM, Abhishek Kandoi wrote:
Hi,
I am a first year undergraduate at IIT Roorkee. I saw the list of proposed projects for GSoC 2013 and I am really interested to work on the project idea of AJAX Error Reporting as I have worked on a few projects based on JavaScript AJAX and was really excited about it.
I have been working with JavaScript and jQuery since 2 years and I consider myself as having a good working knowledge of it. I am really excited about this project and would like to contribute.
I recently developed a simple yet elegant todo web application using AJAX, the source code for which can be found here http://github.com/abhikandoi2000/flowork.
Hi Abhishek,
have you got a live demo of this application that I could try?
From your email, I'm getting the feeling that you didn't fully understand where the different components of the system will reside...
The server-side component of this system will not be for the users of phpMyAdmin or administrators of individual phpMyAdmin installations, it will, instead, be used by the members of the phpMyAdmin development team[0] to globally diagnose issues.
For the Error Reporting part I would like to suggest the following ideas: 1). Using JSON for the data-exchange b/w the server and client. 2). Encryption of sensitive information for protection from eavesdropping. 3). Authentication to confirm that the request is made by a valid user.
1) JSON will be fine.
2) I guess that we don't need encryption as a feature. What we really need is to remove sensitive information from requests altogether, so that there will be nothing to hide in the first place. Also, this way we address the issue of users' concern about privacy.
3) No need for authentication, either. AFAIK, there is no way that we can check if the request is valid, as phpMyAdmin users are not known to us. The worst case scenario that I can think of here, is dealing with a DoS attack.
I was also thinking of a webpage to visualize the amount of errors occurred over a period of time. As in this can include graphs helping the user to identify amount of errors occurred over time and also a log list of errors in chronological order.
This part of the application is where most of the work will be. So, it needs to be fully thought through on your part. Charts are a nice idea, but they must display information that is actually useful :)
Please comment to let me know if these features would be helpful to the phpMyAdmin project.
It would be helpful if you could provide me with some details about how to proceed further for GSoC .
The wiki is pretty comprehensive on the matter. Do you have a more specific question?
Bye, Rouslan
Le 2013-04-12 16:02, Rouslan Placella a écrit :
- No need for authentication, either. AFAIK, there is no way that we
can check if the request is valid, as phpMyAdmin users are not known to us. The worst case scenario that I can think of here, is dealing with a DoS attack.
Isn't this a threat big enough to cancel this project?
On 04/14/2013 01:02 PM, Marc Delisle wrote:
Le 2013-04-12 16:02, Rouslan Placella a écrit :
- No need for authentication, either. AFAIK, there is no way that we
can check if the request is valid, as phpMyAdmin users are not known to us. The worst case scenario that I can think of here, is dealing with a DoS attack.
Isn't this a threat big enough to cancel this project?
Well, no, it's not that big of a deal as far as I can see. First, this is not likely, but then we'll just need to rate-limit requests. A per-IP limit would help here, but we might also want to have a global limit to help with possibility of distributed attacks. After the limit is reached a request would just get a "429 Too Many Requests", and the client, of course, will know how to deal with that.
Bye, Rouslan
-
Abhishek Kandoi -
Marc Delisle -
Rouslan Placella