pwick
/
lab_server
generated from mwc/lab_server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lab_server/notes.md

3.2 KiB
Raw Permalink Blame History

Project Server Notes

Checkpoint 1

  1. Lots of software today connects to remote servers, and can't work offline. What are some advantages of using a program or an app which uses a remote server? What are some advantages of using a program or an app which is completely local?

Advantages of remote server: accessibility - being able to access the server from multiple machines/locations as long as they can connect to the internet. updating - data is managed remotely and therefore is easily synched across multiple devices.

Advantages of local management: offline access - without needing to connect to a remote server, data can still be accessed even when not online. data management - if data is managed locally, it's (theoretically) not accessible remotely and therefore is more secure from unauthorized access.

  1. You just ran a server on your own computer, and connected to it as a client on the same computer. In what other situations might it be useful to run a server on your computer, where you're the only client, on the same computer?

Debugging and testing, prototyping, basically any development before something is ready to be deployed for remote users to connect to. Especially when it comes to security, I would want to validate things are working as intended, test what I can through my local connection, then actually release it (and probably fix more bugs upon doing so).

Checkpoint 2

  1. Choose a program (Steam), web app (Google Docs), or app (Weather) that you use frequently. You can't observe the calls this program is making to its server (unless you have fancy tools), but you can infer some of the calls based on the program's behavior. Describe a few routes which you think may exist for your chosen program's backend server.

For something like Google Docs, to access a document, there is probably some endpoint like: //documents/<some document id or name?> to actually route through the Google Docs API and provide endpoints to the specific document being requested.

Google Docs also auto-save regularly, so there is probably also some call happening to update the document in Google Drive, maybe with something like "/save" running in parallel to the current document?

Handling permissions would work similarly, where the Share button might call a route like "/share" which then looks for the whitelist and access settings and posts a change to the documents access restrictions attributes.

  1. In your own words, what is an exception? When might it be useful to handle an exception? When is it better not to handle an exception, and instead let the program crash?

An exception seems to be an error from which the program has the ability to recover, compared to something like a syntax error where the program can't compile or interpret the command and therefore couldn't continue even if you wanted it to.

It would be helpful to handle the exception if the error can be handled while providing the user useful feedback about the error and preventing it in the future.

I would want to not handle the exception and rather let the program crash if it led to an exposure of a security vulnerability, like a DDoS attack or a memory issue.