browsix | Browsix is a Unix-like operating system for the browser

 by   plasma-umass JavaScript Version: 0.9.2 License: Non-SPDX

kandi X-RAY | browsix Summary

kandi X-RAY | browsix Summary

browsix is a JavaScript library. browsix has no bugs, it has no vulnerabilities and it has medium support. However browsix has a Non-SPDX License. You can install using 'npm i browsix' or download it from GitHub, npm.

Browsix is a Unix-like operating system for the browser.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              browsix has a medium active ecosystem.
              It has 3060 star(s) with 205 fork(s). There are 82 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 44 open issues and 21 have been closed. On average issues are closed in 187 days. There are 4 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of browsix is 0.9.2

            kandi-Quality Quality

              browsix has 0 bugs and 0 code smells.

            kandi-Security Security

              browsix has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              browsix code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              browsix has a Non-SPDX License.
              Non-SPDX licenses can be open source with a non SPDX compliant license, or non open source licenses, and you need to review them closely before use.

            kandi-Reuse Reuse

              browsix releases are not available. You will need to build from source code and install.
              Deployable package is available in npm.
              Installation instructions are not available. Examples and code snippets are available.
              browsix saves you 2727 person hours of effort in developing the same functionality from scratch.
              It has 5909 lines of code, 26 functions and 187 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed browsix and discovered the below as its top functions. This is intended to give you an instant insight into browsix implemented functionality, and help decide if they suit your requirements.
            • Represents a REPL server .
            • Integration of the module .
            • Main worker setup
            • Listen for incoming packets .
            • Emit input to a string
            • Format a value into an object .
            • Function to call a sychronous command
            • Initialize worker .
            • Represents a client request .
            • Prepare history to new history storage
            Get all kandi verified functions for this library.

            browsix Key Features

            No Key Features are available at this moment for browsix.

            browsix Examples and Code Snippets

            No Code Snippets are available at this moment for browsix.

            Community Discussions

            QUESTION

            Connecting to a server via SSH from the client-side browser, without a middle man server
            Asked 2020-Nov-10 at 03:59

            No specific code to look at--just hoping to talk through a problem I am facing, list the options I am aware of, and see if there are any options I am missing. Kindly let me know if this is not appropriate and I will delete the question.

            The problem

            I'm working on a web-based application that features a method of running commands on a user-owned server, ideally via SSH. I need to implement a solution for executing SSH commands from the browser in the most secure and convenient (for users) way possible. I'm detailing some solutions I've come up with that don't quite cut the mustard, and hoping you all may have some ideas I didn't think of, or tools I might not know about.

            My current solution

            Currently, I have a working API that translates HTTPS posts into SSH commands, mostly SFTP. The application connects an SSH instance on the application server to a user-owned server, given a username and password or uploaded private key. The server then maintains the SSH client, reconnecting if necessary using user-provided credentials. The application does not store usernames, passwords, or private keys, and information between the client and application server is conducted over HTTPS; authentication information IS, however, kept in a redis in-memory session instance. Because that information must travel through my middle-man application server, causing potential concerns about the client's server security, I would like to find another solution.

            My ideal solution

            Ideally, I would write an SSH client in a language like Go, converted to WebAssembly, which could be downloaded and run in the browser. No calls to my app server--all SSH traffic, including authentication, goes direct from the client to their server. The WebAssembly would be cached by the browser (though pretty light-weight anyway), preventing egregious download sizes, while still allowing me to do updates as need be. This doesn't work, however, because the browser is sandboxed and can't establish connections with a remote server. I've looked into solutions like Browsix to run a light Unix system in the browser, which could in turn run the SSH application, but it would appear to be similarly limited to running the WebAssembly directly. (Browsix also seems not to be maintained???)

            I have come up with two potential alternative solutions, both with some drawbacks that have prevented me from committing to them:

            Solution 1

            Move the SSH client client-side. My ideal solution is a form of this, but to get around browser limitations, I would require that clients download a small SSH client that can be called from the client-side web application. Realistically, if I am supporting browsers that do not run Chromium and if I am avoiding maintaining a browser extension for every browser I choose to support, that means I cannot interface between the browser and a native application. To get around this, I think I CAN wrap the SSH client in a web server meant to run on a particular port, say :9090. The web app could then make calls to, say, localhost:9090/listDirectories, which would funnel the request body to the SSH client, which would execute the relevant call on the client-owned server. The only downside to this is that it would require the user to download and run an installer, and the program would have to constantly be running and listening on a port on the client computer. This isn't as seamless of a user experience as I would like, and would be prone to errors like the program terminating or not properly starting up when the machine boots. I would also have to maintain installers for multiple major operating systems.

            Solution 2

            Ditch SSH. Create a small webserver (probably in Go) to listen on a port on the client-owned server. The client-side web app could then make API calls directly to the client-owned server, encrypted over HTTPS, and the webserver listening on the client-owned server would handle the requests. Downsides of this: I need to create a user management system (rather than rely on the client-owned server's authentication systems) and implement some way of ascertaining that the client-owned server is actually owned by the client.

            Possible question from you all

            You may ask, "Why not just make a native application? You could use something like Electron if you're comfortable making web apps!" That's true--but I would really prefer that the application live in the browser for the sake of updates and ease of access. I know, it sounds like I'm just being difficult.

            Please let me know if I can provide any more detail, or if you have any leads for what I should look into next.

            ...

            ANSWER

            Answered 2020-Nov-10 at 03:59

            Okay--I'm assuming this question is VERY specific to my use case, so there may not be much demand for an answer here, but if anyone is headed down this same path...

            What I went with was creating a simple HTTP server in Go that the client could install on their own server, and then my web application could communicate with it. It was all simpler than I thought it would be. Using SSH was not possible, so I created a simple authentication system, and then all actions on the client's server were prompted by HTTP requests from the web application.

            The one catch here is that you WILL run afoul of CORS policy. Thankfully, you have full control over the server application, so cross-origin requests are manageable. You'll need to read up on how to allow cross origin requests on your server (see the excellent MDN reference), paying special attention to all the possible Access-Control-* headers.

            Also be aware (and this had me stuck for a long time) that CORS requests come in pairs--one with an OPTIONS method (as part of the browser's pre-flight check) and one with whatever method you assign (GET, POST, etc.). The OPTIONS method is sent first, and is pretty finicky. Read up on OPTIONS and the browser's pre-flight again at MDN, and anywhere else you can find the info you need.

            Authentication is a barrier for OPTIONS, as a status code other than 200 can cause the pre-flight to fail and halt your request; but blanket approval of OPTIONS requests can cause a mismatch in content sizes between OPTIONS and your method, causing your request to fail also. To overcome that barrier, I had my initial authentication always return a status 200 and then set "authenticated" or "not authenticated" in the return body, so that my client app knew if the request was successful or not. I also set a session variable on the server side so that the user wouldn't need to keep sending auth information and I could use HTTP status responses normally.

            This is a big overview. If anyone has specific questions, feel free to ask them--I'm no CORS expert, but I might be able to point you in the right direction!

            Source https://stackoverflow.com/questions/64342972

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install browsix

            You can install using 'npm i browsix' or download it from GitHub, npm.

            Support

            For a high-level overview of the system design and architecture, please see [this document](doc/report.pdf).
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            Install
          • npm

            npm i browsix

          • CLONE
          • HTTPS

            https://github.com/plasma-umass/browsix.git

          • CLI

            gh repo clone plasma-umass/browsix

          • sshUrl

            git@github.com:plasma-umass/browsix.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Consider Popular JavaScript Libraries

            freeCodeCamp

            by freeCodeCamp

            vue

            by vuejs

            react

            by facebook

            bootstrap

            by twbs

            Try Top Libraries by plasma-umass

            scalene

            by plasma-umassJavaScript

            coz

            by plasma-umassC

            doppio

            by plasma-umassTypeScript

            Mesh

            by plasma-umassC++

            ChatDBG

            by plasma-umassPython