[Bug 674470] Please add icc.gnome.org web service

["sysadmin" (bugzilla.gnome.org) <bugzilla gnome org>]

https://bugzilla.gnome.org/show_bug.cgi?id=674470
  sysadmin | Other | unspecified

--- Comment #2 from Richard Hughes <richard hughsie com> 2012-04-23 07:57:44 UTC ---
(In reply to comment #1)
> First thoughts:
> - PHP is the evil. E.g. "$uploadfile = $uploaddir .
> basename($_FILES['userfile']['name']);", fortunately you don't use it, but this
> is insecure.

Right, I agree php isn't a great choice. The script was basically a first "is
it possible" attempt, but ideally I wanted to use something like python using
Flask or Bottle, but I wanted to check what would be preferable from a
GNOME.org point of view. Let me know what you'd prefer and I'm happy to write
something production ready in your language-of-choice.

> - I think we should put it on https

Sure, it's super low traffic so this would be fine.

> I wonder about the general feature though. If you use hash to generate the icc
> profile, how would people use it? They have to write down the URL?

Yes, long term I want to use some kind of URL shortening service, so rather
than remembering the long hash, the user can remember https://icc.gnome.org/a21
-- this is a nice to have tho.

> For GNOME users:
> Just providing the file seems easier

Yes, agreed, although the user will still have to copy the file from the LiveCD
onto their system partition or a usb pendrive.

> For Windows/Mac OS X users:
> Seems easier just to email to file somewhere? I guess you worry about abuse?

Yes, allowing email is a can of worms for spam, and providing an
non-authenticated smtp server for relay is obviously open to all kinds of
abuse.

> What is the MIME type for those icc files btw?

application/vnd.iccprofile

-- 
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the QA contact of the bug.
You are watching the assignee of the bug.