===================================================================
RCS file: /home/cvs/OpenXM/src/kan96xx/Doc/httpd-rpc.sm1,v
retrieving revision 1.3
retrieving revision 1.7
diff -u -p -r1.3 -r1.7
--- OpenXM/src/kan96xx/Doc/httpd-rpc.sm1	2002/10/24 02:48:59	1.3
+++ OpenXM/src/kan96xx/Doc/httpd-rpc.sm1	2002/10/28 23:55:57	1.7
@@ -1,4 +1,4 @@
-%% $OpenXM: OpenXM/src/kan96xx/Doc/httpd-rpc.sm1,v 1.2 2002/10/24 02:12:34 takayama Exp $
+%% $OpenXM: OpenXM/src/kan96xx/Doc/httpd-rpc.sm1,v 1.6 2002/10/28 08:57:28 takayama Exp $
 %% http server by sm1. Used for RPC.  Generic example.
 
 [(parse) (httpd.sm1) pushfile] extension pop
@@ -9,6 +9,9 @@ def
 /httpd.port 8090 def
 /httpd.serial 0 def
 
+/httpd.oxasir.timer 1 def  %% 1 to use timer, but it accepts only one command
+                           %% 0 not to use timer. It accepts programs.
+
 %%******* Put initialization codes for ox_asir here. 
 /httpd.initialization
  [
@@ -18,6 +21,12 @@ def
  ] cat
 def
 
+/httpd.asirman
+ ("http://www.math.sci.kobe-u.ac.jp/OpenXM/1.2.1/doc/asir2000/html-eg/man_toc.html")
+def
+/httpd.asirman.ja
+ ("http://www.math.sci.kobe-u.ac.jp/OpenXM/1.2.1/doc/asir2000/html-jp/man_toc.html")
+def
 
 [(parse) (oxasir.sm1) pushfile] extension 
 oxNoX 
@@ -66,7 +75,7 @@ oxNoX 
 /httpd_action {
   [/in-httpd /ff /httpd.com /httpd.result /sss
    /sss.engine /sss.web /err
-   /oxserver.vname
+   /oxserver.vname /scheck
   ] pushVariables
   [
   {
@@ -88,6 +97,20 @@ oxNoX 
           httpd.com metaCommand {
             httpd.textarea.valid {
 
+              %%% Security check
+              [(regionMatches) httpd.com 
+               httpd.refusedCommands] extension /scheck set
+              scheck 0 get -1 eq {
+              }{ 
+                httpd.refusedCommands scheck 2 get get message
+                (Command is refused.) message
+                [
+                 httpd.refusedCommands scheck 2 get get
+                 httpd.com
+                ]
+                 send-page-refused exit
+              } ifelse
+
               %%%  Executing command, here.
               oxasir.ccc 
               httpd.com cookedCommand 
@@ -186,10 +209,7 @@ oxNoX 
    (Content-Type: text/html) sendln
    0 sendln
 
-  (<H1> Usage </H2> <br> ) sendln
-  [(Ask by GET /?) httpd.textarea.name (=) ( encoded_codes  HTTP/1.0)] cat 
-  sendln
-  (<br>) sendln
+  (<H1><font color="green">OpenXM/Risa/Asir Online</font></H2><br>) sendln
   [(getenv) (OXWEB_POST)] extension tag 0 eq {
     (<FORM NAME="myFORM">) sendln  % use get
   }{
@@ -199,10 +219,27 @@ oxNoX 
    [(<textarea name=) httpd.textarea.name 
     ( rows=10 cols="80" wrap="soft"></textarea>)] cat sendln
    (</FORM>) sendln
+
+  (Input example---factorization:<font color="blue"> fctr(x^3-1)</font>) sendln
+  (<br>) sendln
+  [(<font color="blue"> 
+    <a href=) httpd.asirman ( > AsirManual (En) </a> </font>, )] cat sendln
+  [(<font color="blue"> 
+    <a href=) httpd.asirman.ja ( > AsirManual (Ja) </a> </font>)] cat sendln
+   httpd.oxasir.timer {
+    (<br> It accepts only one command. The limit of CPU time is 30 seconds.
+          <font color="red"> Do not put <font color="blue"> ; </font> 
+                             (semi-colon) after the command. 
+          </font>) sendln
+   }{ } ifelse  
+   (<br>) sendln
+  [(You can also retrieve the result by GET /?) httpd.textarea.name (=) ( encoded_codes  HTTP/1.0)] cat 
+  sendln
+   (<br>) sendln
    [$<a href="http://localhost:$ httpd.port toString
-    $/?msg=httpdAsirMeta+quit"> Shutdown the server. </a>, $
+    $/?msg=httpdAsirMeta+quit"> Shutdown the oxserver (and restart it). </a>$
    ] cat sendln
-
+   (<h3 align="right"><font color="gree">Powered by OpenXM and httpd on Kan/sm1 </font> </h3>_) sendln
    0 sendln
    [(flush)] extension
   ] pop
@@ -229,6 +266,32 @@ oxNoX 
   popVariables
 } def
 
+/send-page-refused {  
+  /arg1 set
+  [/in-send-page-refused /reason] pushVariables
+  [
+   /reason arg1 def
+   (HTTP/0.9 200 OK) sendln
+   (Connection: close) sendln
+   (Content-Type: text/html) sendln
+   0 sendln
+
+  (<H2> Your request is refused. </H2> <br> ) sendln
+  (Because your input contains the key word <font color="red">) sendln
+  reason 0 get sendln
+  ( </font> ) sendln
+  (<br> <br>) sendln
+  (Your input is <br> ) sendln
+  (<pre> ) sendln
+  reason 1 get sendln
+  (</pre> ) sendln
+
+   0 sendln
+   [(flush)] extension
+  ] pop
+  popVariables
+} def
+
 %% **** Overwrites the definition in httpd.sm1
 /httpd_startserver {
    (httpd server accessible outside localhost.) message
@@ -247,7 +310,7 @@ oxNoX 
 } def
 
 %% ******* sample of cooked command
-/cookedCommand {
+/cookedCommand.simplest {
   /arg1 set
   [/in-cookedCommand /httpd.com] pushVariables
   [
@@ -258,3 +321,36 @@ oxNoX 
   popVariables
   arg1
 } def
+/cookedCommand {
+  /arg1 set
+  [/in-cookedCommand /httpd.com /fff] pushVariables
+  [
+    /httpd.com arg1 def
+    httpd.oxasir.timer not {
+      [(if (1) {)  httpd.com  (; };)] cat
+      /fff set
+    }{
+%%  It does not work.
+%%      [$timer(30,eval_str("$ 
+%%          (if (1) {)  httpd.com  (; };)
+%%       $"),"Computation is aborted with the resource limit ( 30 seconds)");$
+%%      ] cat
+     [$timer(30,$   httpd.com
+        $,"Computation is aborted with the resource limit ( 30 seconds) or there was a syntax error.");$
+     ] cat
+      /fff set
+    } ifelse
+    (cooked command is ) messagen fff message
+    /arg1 fff def
+  ] pop
+  popVariables
+  arg1
+} def
+/httpd.refusedCommands 
+   [(shell) (eval_str) (ox_) (sm1_) (m_) 
+    (connect) (load)  (bload) (bsave) 
+    (end) (quit) (output) (bload27) (open)
+    (plot) (ctrl) (debug) (error) (port) (bind) (accept)
+    (draw)  (peek) (poke)
+   ]
+def