sorry for this question,
i just need a simple example to understand how SMTP works with Tornado;
What do i need, if i've a simple application, then do i need to open a new account on Gmail or Yahoo?
Tornado doesn't provide anything to handle SMTP.
You can use smtplib, although it's synchronous. Check out the example given.
Related
I've got an android and iphone app that both get the required data from a webserver. The data is sent via json to the client. Using this setup other people might simply retrieve the url the app is calling and this way could make use of the data that I gather with my scripts on the server. To make it short: I don't want that :)
My idea is to make the json unreadable for example by encrypting it. This would make it a little harder to retrieve the information since this way some who would like to use my service would had to decompile the app an lookup any decryption stuff I had implemented.
Therefore two questions:
Do there exist some libraries that already offer such a functionality (Server side is Java)?
Does anyone of you have any other suggestions how I could protect my api from unwanted guests?
Thanks in advance :)
I think the options available would be...
to lock down the API to Authorized/Authenticated users.
Using BSON to obfuscate the data.
You could always use oAuth to allow the users to authenticate based on an account they already have: Facebook, Twitter, Google etc.
This question is hard to explain and can be vague. What I am trying to achieve is something similar to the click of a "reply" button found on Craigslist.
What makes this unique compared to a simple mailto or using an smtp sever is that the user must log in to their email accounts and automatically goes to send email with the send information available or (already given) eg. "joesmith#email.com".
Where do I find information on this? and examples.
Note that I use Visual Studio 2010 language C#
You should be able to accomplish something similar to the Craigslist example by creating links with the following URLs:
https://mail.google.com/mail/?view=cm&fs=1&to=<to_address>&su=<subject>
http://compose.mail.yahoo.com/?to=<to_address>&subject=<subject>
http://mail.live.com/mail/EditMessageLight.aspx?n=&to=<to_address>&subject=<subject>
http://webmail.aol.com/Mail/ComposeMessage.aspx?to=<to_address>&subject=<subject>
I am writing a trigger, in which i need to invoke the external application using the MySQL
Looking a your comment, the response is obvious.
Write a program in whichever language you dominate the best. That program needs to
Read all email addresses
Iterate on the list
Send a mail in every iteration
If you promise not to use it for sending spam, I can give you a basic PHP script to do that
I would suggest having the external application request the list of users, and then looping through the list and sending the email. There's no real reason to mix the two.
When debugging an HTTP client, one of your first tests is likely to be a Google search, which lets you see whether your client does non-SSL GETs properly. Everyone knows where it is, everyone can use it, and everyone can see whether it succeeded.
My client has a problem with HTTPS POST. I can reproduce it locally with my specially set-up HTTPS server, but I want others to be able to try it as well. Is there a public web page using HTTPS where sending a test POST is not a bad idea?
Edit: In the end, the problem turned out to be that my client would cache network output by the line when sending over TLS. Obviously, that causes problems for POST but not for GET...
I stumbled across this question while looking for the same thing, but I also found https://posttestserver.com/, which provides such a service for HTTP and HTTPS.
Google App Engine has supported HTTPS for a while now. That should give you a simple, easy way to put up test pages for anybody to see and serve them up over HTTP and HTTPS. Give us the link too, could be useful to use for our clients if the tests are generic enough.
The simplest public HTTPS post test I can think of would be webmail.
For example create a dummy Google account, then take the username and password of that dummy and see if the user can login using https://www.google.com/accounts/ManageAccount (a simple HTTPS post form).
Create a twitter account. Because of the json api, checking for a valid post to twitter is very simple. For the POST, you can look at the API docs for Status Updates. Once you've made a post, you can check the results at the User Timeline.
The API docs even have simple examples with curl to show you how easy it is. The POST:
curl -u user:password -d "status=testing my HTTP POST request" https://twitter.com/statuses/update.json
And getting the status to check it:
curl https://twitter.com/statuses/user_timeline.json?screen_name=user
Any login form should do.
In short, no. But without further info as to what specific bug you're experiencing, it's hard to search for something that already exists. My suggestion would be to find a free hosting service, and put the test page up there, along with a small google ad for some revenue.
Interesting concept, though, the publicly available test cases for standards. I like.
I'll bet that google search will accept a search paramter as POST if you sent it that way.
SSL adds a lot of complexity to the transaction, and you actually should break it up into two pieces.
You should do an GET w/ HTTPS first. When I was smoke testing networking for Netscape/AOL/Mozilla, I used http://www.verisign.com, because that was the home page for the main certificate vendor. I did not test the HTTP/SSL implementation itself, but we figured that while we are sitting around clicking on links in a build, we may as well do some SSL versions of the HTTP requests.
I cannot easily think of a good https: URL that uses POST, but I actually think it matters a lot less.
Once you know that SSL is working w/ HTTP at all, failures that are request-specific are going to be pretty limited, based on my recollection. Then again, this area was not assigned directly to me, so take that with a grain of salt.
My more recent thinking about testing is that test groups need to setup their systems, especially test servers. You would probably get better mileage by getting a good working set of instructions on how to configure HTTPS w/ a self signed certs, and then create your own internal POST test pages.
Ok, get this.
I have been assigned to write an html form to be EMAILED to clients so that they can fill it in and submit it FROM THE EMAIL CLIENT! apparently emailing a link to the existing form on our website is not good enough.
I am still trying to get my head around this as it seems almost void of common sense, but anyways, my guess is that I will have no way of validating data, and if actually works, how will the user know? WTF?????
Get this, They will be emailing both a pdf and an html doc to clients, I tried putting my case forward but apparently the marketing pro's say IT IS POSSIBLE AND MUST BE DONE, WORKING BY FRIDAY!
This is not a good idea on many fronts:
Not all email clients will support a form post from HTML
see: http://www.campaignmonitor.com/blog/post/2435/how-forms-perform-in-html-emai/
No clientside validation
What's exactly wrong with a link?
How are you getting data from PDF form submission? You can get expensive form tools from Adobe: http://www.adobe.com/government/forms.html
Some spam / av checkers will dispose of form based emails.
There are only two possiblities: first one the mail client must have a php runtime environment to run the php script locally, also an embedded mail server - which isnt the case for the most of them. Second one is that your mail client acts like a browser and displays the form (which is located still on the internet) in his mail viewing window (which is perhaps possible but i dont know any common mail client doing this).
So you either submit a link to the form or you construct the mail this way, that there're placeholders to be filled and submitted like a normal mail response.
This idea is plainly wrong. You're creating a phishing vector for your company which could expose them to huge legal liability. Just ask them how much money they are going to be putting into the legal defense fund in order to pay out for the lawsuits they are going to lose.
An adobe pdf server is about the only reasonable method for doing this, but that takes lots of cash and work on your network to support a new type of server.
It's generally bad idea. Most email clients only allow limited HTML, with limited CSS and without any JavaScript at all.
See: http://www.sitepoint.com/code-html-email-newsletters/
Many mail clients will not allow submitting any form (at least with standard security settings).