[NTG-context] Invoking ConTeXt from inside php web appliction

Henning Hraban Ramm texml at fiee.net
Sat Jul 9 22:56:24 CEST 2016


Am 2016-07-09 um 17:45 schrieb Pavneet Arora <pavneet_arora at waroc.com>:

> Sorry that this has taken me so long.  The report card application has
> been deployed, and although I am still going through and resolving minor
> bugs, it is very much in use (350 students leaving on Tu who already have
> their foundation work marked and commented within the system; output via
> ConTeXt).

Nice to hear about your success!
In my case, my customer, a publisher of several special interest magazines, uploads lists of customers and their ad bookings into my web app and gets nicely TeXed voucher shipping documents.

> Anyway, I have updated the Wiki, but am unsure if I missed anything. So
> can everyone have a look and let me know:
> http://wiki.contextgarden.net/ConTeXt_Standalone#Apache_webserver_installation

I’m quite sure it’s a bad idea to install ConTeXt (or anything like that) in a public, i.e. web-accessible, directory!
Even if I can’t imagine an attack via accessing files from the ConTeXt tree, experienced attackers might.
I don’t use PHP any more, but I’m quite sure there’s a better way.

I run ConTeXt from a Django (Python) web app behind Nginx, and there only static files (i.e. images, CSS etc.) are directly accessible, and I can call a system-wide installed ConTeXt owned by root (i.e. nobody else can change it).

Greetlings, Hraban
---
http://www.fiee.net
http://wiki.contextgarden.net
GPG Key ID 1C9B22FD



More information about the ntg-context mailing list