Simple Local Web servers November 27th, 2013

I’ve had this post saved as a draft for two years, so I finally decided to clean it up a little and publish it in case anyone else finds the information useful.

In web development, for both client and server testing, it’s often very useful to have a local web server running in order to serve test cases. This post outlines a few quick and easy ways to run a local web server that don’t involve installing Apache or nginx and all their dependencies.

The simplest way I know of to get a local web server is with netcat:

brandon@dexter:~$ nc -l 8000

Then, when you hit the URL http://localhost:8000 in your browser, you will see the request show up on the terminal where netcat is running:

GET / HTTP/1.1
Host: localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:6.0a1) Gecko/20110513 Firefox/6.0a1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cache-Control: max-age=0

You can then type an arbitrary response back to the browser, terminating the stream with Ctrl+C:

HTTP/1.1 200 OK
Content-Type: text/html

Hello <world>
^C

The hello world HTML page shows up in your browser as you would expect. You could just as easily use an existing file on your filesystem as input for the response:

brandon@dexter:~$ nc -l 8000 < http_response_file.txt

Another option to consider, especially if you already have test cases or other static content ready to serve, is Python’s SimpleHTTPServer class. You don’t even need to write a script to run one of these servers locally:

brandon@dexter:~$ python -m SimpleHTTPServer 8000
Serving HTTP on 0.0.0.0 port 8000 ...d

This time, hitting http://localhost:8000 in your browser will bring up a directory listing with your current working directory as the document root. Your requests are also logged on your Python terminal:
localhost - - [16/May/2011 14:55:36] "GET / HTTP/1.1" 200 -

On a separate but related note, you can get a local SMTP testing server, which only logs to the console and doesn’t actually send mail, by running:

$ sudo python -m smtpd -c DebuggingServer -n localhost:25
Password:

---------- MESSAGE FOLLOWS ----------
Content-Type: multipart/alternative;
boundary="===============5376655522220276269=="
MIME-Version: 1.0
Subject: Veracode report for 2013-10-24
From: pyth...@example.com
To: reci...@example.org
X-Peer: 127.0.0.1

--===============5376655522220276269==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

= Plain text version =
Hello world!

--===============5376655522220276269==
Content-Type: text/html; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

<html><body>
<h1>HTML Version</h1>
<p>Hello <b>world</b>!</p>
</body></html>

--===============5376655522220276269==--
------------ END MESSAGE ------------

Standing on the Shoulders of Giants October 15th, 2013

I recently created a new theme for my personal site*, and was struck anew by how many Open Source Software packages this site is built on top of.  To name a few of the essential ones:

In other words, every layer of the Web stack, which I use every day for fun and for profit, is powered by Open Source Software.  It would be beyond impossible to deploy a website today with rich, interactive experiences without these fundamental pillars.  I owe so much to Linux, Open Source, and Open Standards, and it is only right that I acknowledge this fact.

* Many thanks, also, to David Goines, who graciously allowed me to use his artwork in the new site design.

Moving to GitHub March 8th, 2011

GitHub is an amazing tool which holds a lot of promise for pushing open source software development forward. I say that because they make the process of forking someone else’s repository and then merging your changes (with their permission, of course) back into the master repo as simple as a few mouse clicks. I, for example, contributed a patch that made jQuery CSP-compatible which was later pulled into the jQuery trunk.

Since GitHub has become the industry standard for sharing code, I’ve started the process of moving all of my open source tools to a repository there. So far, I have only moved my Python CIDR block converter, but the rest should follow soon!

Update to CSP Bookmarklet January 20th, 2011

It was pointed out to me that my CSP bookmarklet was using a feature added in ECMAScript 5, Object.keys, and thus did not work in older browsers. I added a bit of code to address this:

Object.keys = Object.keys || function(obj) {
  var keys = [];
  for (var key in obj) {
    if (obj.hasOwnProperty(key))
      keys.push(key);
  }
  return keys;
}

Browsers that don’t natively support Object.keys will now have that functionality added when the bookmarklet runs. Go ahead, give it a try: Recommend CSP

As before, the full source is posted for you to browse as well.

Content Security Policy Recommendation Bookmarklet October 14th, 2010

I wrote a bookmarklet that analyzes the content on the current page and recommends a Content Security Policy based on the types of content it finds on the page and the sources of that content. The implementation also takes into account resources that are dynamically added to the page by JavaScript.

For instance, today I learned that ReCAPTCHA loads script both from api.recaptcha.net, but also from www.google.com. Note to self: figure out why Google needs to know about every ReCAPTCHA load.

You can test it out by clicking the following bookmarklet: Recommend CSP

If you find it useful, drag it to your bookmarks toolbar and you can use it from any web page. Feel free to check out the bookmarklet source as well.

In the future, I would like to add notifications for potential inline script violations.

Productivity music for work September 8th, 2010

There are times at work when I like to put on my headphones and play some music (usually instrumental) or white noise to avoid distraction while I write code or do some other task that requires concentration. I never thought to do both at the same time… until now!

Next time you want a nice anti-distraction music cocoon try opening in separate tabs:

  1. A nice Jazz Piano or Classical station
  2. A pleasant rainfall soundtrack

If you are still distracted after that Google has some information that might help you.

Sharengeti
A community-driven collection of the best links on the Web, delivering a tailored browsing experience to each user.