To ellobrate my requirement, I'm have native iPhone application. In it i have UIWebview as part of my screen. This webview is loaded with an intranet web application link. which in turn have links to few more intranet applications. These web applications have cookie, cache, local storage data etc. These data are stored in my native application's sandbox file system. I would like to know how to make sure that these contents are secured wiht the application. The requirement is to double secure the content. Based on configuration i may be want to delete the information stored in the filesystem. To be in detail, i may be want to delete all the information from the intranet web application1 alone from the file system, leaving other data undisturbed.
Note: I may not be able to do any changes to the source of my intranet web applications.
kindly advise me on this.
Related
I'm searching a way to make a social network where the data (images, videos...) is stored on the user's computer (or client-side) and a remote server is used to access it by serving the functionnality and the design. The basic thing would be for each user to have a profile and to be able to browse other's profiles.
Note : It's not a problem if the client-side computer shuts down its machine. The user's profile would be just designed as offline. And when the user is connected, others would be able to browse his – her profile.
I searched a lot and I came up with different ideas :
→ store data with indexeddb and then stream it with webrtc. The problem : webrtc is not really made for showing a simple profile page to be browsed by multiple users.
→ make a desktop app to access local files and then try to make a communication with the server to deliver the app (with something like electron ?). The problem is I don't know if electron is well suited for this kind of project.
Any ideas, questions, suggestions, remarks or anything that helps would be greatly welcomed.
We have an application which i a Cloud Screen service/application. The purpose of the application is to store images and videos locally but also on the server. So if a computer connects to the network, it'll download the current content (json, images, videos) so it can display these even without internet because it's stored locally.
The client was made in Electron and the management application was .NET Core.
If you're thinking about creating a desktop application, then yes, it is possible, but in order to achieve this, you have to store on the server as well.
Let's assume that someone wants to check your profile. It has to load your datas which has to be stored on the server because they can't access your local files and computer. But you can store your files locally to boost up the speed.
I would only recommend this to store images/videos and bigger files, but you have to specify your requirements because in this case, every time you bump into a new content, you have to download it (if you want to store locally so it'll load faster the stored files).
The second option is to store these in the client. But be aware, desktop application's size can increase easily with lots of images and videos. If you store these in the client, you only have to store the URLs in case of dynamic datas (static URLs can be stored as static data).
I hope I could help, if you have any more questions, feel free to ask.
I'm planning an app for work and venturing into potential features which I've not used before.
Essentially I need to be able to access files on a network share, read, write and delete files as well as amend the file names. As a pretty closed platform I'm not sure whether iOS is capable of such a thing and if it is, what features should I look for to begin researching?
My Google-Fu hasn't come up with anything thus far so hopefully looking for someone to point me in the right direction.
Thanks.
I know this isn't very secure, but I'd personally create an ASP.NET app on your target Windows Server, or a different Server on the domain. Create web services exposed, and make an iOS app with UIWebView. You can do RPC calls from the web service that do WMI/ADSI/File System manipulation. You can prompt for domain credentials, and do remote calls essentially is the gist.
You could expose the web app so that your app can access it from local network, or URL. If you were to access it from outside I'd suggest using some secure credentials in Windows/IIS.
Some years ago I created a "mobile-friendly" web app that allowed me to manage servers, perform RPC, and do basic Active Directory queries. Also allowed file listing and deletion/moving/copying with some creative scripting. It was essentially a ASP.NET/C# web app that loaded in a iPhone app. UIWebView in iOS was a able to load it, used AJAX and some other client side scripting that looked decent. You'd essentially have to make sure that your web app renders properly in Safari/UIWebView (which is bastardized safari).
Here's a link to a demo of what I created:
https://www.youtube.com/watch?v=czXmubijHwQ&t=12s
I ran it in a browser, but it'd run from my PSP, Android test devices, iPod Touch, Blackberry, etc.
I'm building a streaming app similar to pandora. However right now I'm storing all my files on http and accessing them with urls. Is there an alernative to this because all the files are in the public html folder? For example how does apps like pandora or spotify pull files off their servers. I'm new to web severs and not sure where to ask this question. I have a centos server on vps hosting with apache, MySQL, http, ftp.
You just need to provide the content as a bit stream rather than a file download. The source of that data to send as a stream can be stored as binary data in a BLOB column in a database or as a regular file on a non-public part of the file system. It really does not mater which one you use.
Storing them in the database gives your app a bit easier access and makes the app more portable since it is not restricted the file system level permissions.
The fact you currently have the files in a public folder is not really that critical of an issue since you are making them available for download. You would just need to make sure you have an authentication requirement if you want to restrict who can access them.
I'm working on a project that involves two web portals hosted on the same IIS 7.5 server:
(A) MVC4 web application for administration
(B) Mobile MVC4 web application with jQuery Mobile
Both are retrieving the data from the Web API based services hosted on other IIS server.
Now I'm about to add manipulation of images that are managed on Admin portal (A) and displayed to clients within Mobile app (B). Images will be added/changed dynamically with higher frequency.
I had two solutions in my mind:
Store all images in database on the server that hosts Web API as byte arrays, and send them on demand as base64 strings - render them on mobile app pages as base64 strings:
Can set any kind of security restrictions and integrate them well with MVC
Pages would be rendered in one request
Transferring from Web API to Mobile app
What happens to caching?
Store all images on the server that hosts both (A) and (B) in some shared folder, include them in rendered pages as regular tags.
No transfer between WebAPI and Web server
Caching of images
Several requests for each image on the page
Thing that I have to take in consideration as well is that there will be native iPhone app that will do the same role as mobile web app, meaning it should have access to same set of images.
Any thoughts would be appreciated on this, I'm looking for best practices solution, a guide, hints, or anything that I could use.
Also, if option 2. is suggested, what is the best place to store images to be shared between two portals?
Thanks!
I would recommend you going with option 2 and store the images on some shared folder. The best would be to have a specific application that will act as CDN hosting all your static resources. According to YSlow best practices this CDN should be hosted on a different top level domain than the clients, thus allowing cookieless access to those lowering the bandwidth consumption.
just recently I was thinking and wondered, how does Dropbox upload my files to its S3 storage and how might that one be organized?
Let's just completely forget about the sync aspect for a second and scale the problem down to one S3 bucket.
Say, in that bucket's root directory you have lots of folders, each belonging to an arbitrary user.
Now if that user wants to upload a file to his folder... how does that happen internally? I mean, Dropbox can't just store the Amazon S3 access credentials/keys hard-coded into the application (be it on ios or windows) as it might get reverse-engineered and thus exposed.
Any thoughts on this?
Thanks!
Some guys from EADS did reengineering on Dropbox, the presentation slides are available for download: A CRITICAL ANALYSIS OF
DROPBOX SOFTWARE SECURITY
In the same way websites don't allow users to directly access their databases but rather provide interfaces that can control permissions and handle authentication, I'm sure Dropbox has some kind of application that the client on your computer interacts with. Their server daemon will have permissions to write to the disk, but your computer has to go through it (and it's security procedures) before anything your computer sends is written.