Smalltalk Frameworks & Tools Seaside Seaside General

Securing the site

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Mark Carter-3
Reply | Threaded
Open this post in threaded view
|

Securing the site

Mark Carter-3
I'm new to Smalltalk and Seaside.

I started Seaside 3.0 all-in-one for Windows. I started the adapter from the
control panel and put it in deployment mode. However, if I point my browser to
    http://localhost:8080
the menu strip down the bottom (the one with Configure and Halos on it) is still
visible. What gives? That's worrying. Isn't that massively insecure? I've
Googled around for deploying Seaside, but I can't seem to find a straight answer
about what I'm supposed to do about it.



 
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
stephane ducasse
Reply | Threaded
Open this post in threaded view
|

Re: Securing the site

stephane ducasse
http://book.seaside.st

Stef
On Aug 31, 2010, at 10:15 PM, Mark Carter wrote:

> I'm new to Smalltalk and Seaside.
>
> I started Seaside 3.0 all-in-one for Windows. I started the adapter from the
> control panel and put it in deployment mode. However, if I point my browser to
>    http://localhost:8080
> the menu strip down the bottom (the one with Configure and Halos on it) is still
> visible. What gives? That's worrying. Isn't that massively insecure? I've
> Googled around for deploying Seaside, but I can't seem to find a straight answer
> about what I'm supposed to do about it.
>
>
>
>
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Nick
Reply | Threaded
Open this post in threaded view
|

Re: Securing the site

Nick
more specifically: http://book.seaside.st/book/advanced/deployment/deployment-preparing

On 7 September 2010 07:07, stephane ducasse <[hidden email]> wrote:
http://book.seaside.st

Stef
On Aug 31, 2010, at 10:15 PM, Mark Carter wrote:

> I'm new to Smalltalk and Seaside.
>
> I started Seaside 3.0 all-in-one for Windows. I started the adapter from the
> control panel and put it in deployment mode. However, if I point my browser to
>    http://localhost:8080
> the menu strip down the bottom (the one with Configure and Halos on it) is still
> visible. What gives? That's worrying. Isn't that massively insecure? I've
> Googled around for deploying Seaside, but I can't seem to find a straight answer
> about what I'm supposed to do about it.
>
>
>
>
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside


_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Jan van de Sandt
Reply | Threaded
Open this post in threaded view
|

Re: Securing the site

Jan van de Sandt
In reply to this post by Mark Carter-3
Hello Mark,

You can disable the Configure and Halo functionality but I think it is better to prepare a Smalltalk runtime image without these development packages loaded. I did something similar for my ec2demo Seaside app. See http://blog.doit.st/2010/09/08/creating-a-seaside-runtime-image-with-pharo/

Jan. 

On Tue, Aug 31, 2010 at 10:15 PM, Mark Carter <[hidden email]> wrote:
I'm new to Smalltalk and Seaside.

I started Seaside 3.0 all-in-one for Windows. I started the adapter from the
control panel and put it in deployment mode. However, if I point my browser to
   http://localhost:8080
the menu strip down the bottom (the one with Configure and Halos on it) is still
visible. What gives? That's worrying. Isn't that massively insecure? I've
Googled around for deploying Seaside, but I can't seem to find a straight answer
about what I'm supposed to do about it.




_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside



--
Jan van de Sandt
gsm: +31 (0)6 3039 5998

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Free forum by Nabble Edit this page