Comment by latchkey

7 years ago

I have a small (golang) agent that runs on over a thousand raspberry pi class machines (not on the open internet).

The agent has a GET /reboot api because it is really convenient to be able to just hit that url in a browser window when we need to.

Adding all the no-cache headers to the response seems to have worked well enough to prevent browsers from randomly hitting the url.

I just added a check for the x-purpose header as well, thanks for the suggestion.

This still seems like a really bad idea when the POST request is right there.

Serve a page with a button saying "are you sure"?

  • A reboot of the machine isn't the end of the world and far less risky than a garage door randomly opening. It probably needed it anyway as they tend to degrade over time. This is a very specific use case. If it becomes an issue, I can always push out an update of the software that switches things to POST (thanks to using the golang library, overseer).

    • It still seems a bit odd to do it this way when it's so easy to do it right.

      I hope the hostnames / IP addresses aren't predictable, because all it would take to cause trouble is to send an HTML email containing something like <img src="http://192.168.0.1/reboot"> to your staff and then you'd trigger a bunch of reboots whenever anybody opened their email. Or just send a link to a page that does the same thing. Or text a link to them and wait for iMessage or whatever to preload the page to get the preview. There are so many different ways to trigger an automatic GET precisely because GET is defined to be safe.


  • Do you really like having to confirm every action? For interfaces that you use all the time, it's nice to be able to eliminate extra steps.

    • If you're using it programmatically (e.g., a script that's calling curl), it's absolutely no trouble to use POST.

      If you're using it from a browser, you can write it with a confirmation page for simple browsers, but also use just a little javascript in normal browsers to convert the GET to a POST and skip the confirmation page.


I really (seriously) don’t get why you didn’t use POST in the first place? If it’s all for the “easy hit of the url in a browser” there are addons for that? Care to explain? One can’t be that lazy :)
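As an added example (not latchkey's agent code), here is a Go handler in the shape the replies propose: GET only serves a confirmation page and refuses prefetch/preview requests, while the reboot itself requires a POST. The rebootFn hook and the Sec-Fetch-Site and Purpose/Sec-Purpose header checks are assumptions of this example.

```go
package main

import (
	"fmt"
	"net/http"
)

// rebootFn runs only after a request is accepted as a real reboot command.
// Making it a variable is an assumption of this example so a test can count
// calls instead of actually rebooting the node.
var rebootFn = func() error { return nil }

// rebootHandler keeps GET safe: it only ever serves a confirmation form.
// The side effect happens on POST, which a browser never issues on its own.
func rebootHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Cache-Control", "no-store") // never cached or replayed
	switch r.Method {
	case http.MethodGet:
		// Link previewers and prefetchers announce themselves with these
		// headers; refuse them so a preview never even renders the form.
		if r.Header.Get("X-Purpose") == "preview" ||
			r.Header.Get("Purpose") == "prefetch" ||
			r.Header.Get("Sec-Purpose") == "prefetch" {
			http.Error(w, "prefetch refused", http.StatusForbidden)
			return
		}
		w.Header().Set("Content-Type", "text/html; charset=utf-8")
		fmt.Fprint(w, `<form method="POST" action="/reboot"><button>Reboot this node</button></form>`)
	case http.MethodPost:
		// Browsers set Sec-Fetch-Site; a form posted from an email link or a
		// third-party page arrives as "cross-site" and is refused. curl and
		// scripts send no such header and pass (the agent is not on the open internet).
		switch r.Header.Get("Sec-Fetch-Site") {
		case "", "same-origin", "same-site", "none":
		default:
			http.Error(w, "cross-site request refused", http.StatusForbidden)
			return
		}
		if err := rebootFn(); err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		w.WriteHeader(http.StatusAccepted)
		fmt.Fprintln(w, "rebooting")
	default:
		w.Header().Set("Allow", "GET, POST")
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
	}
}
```

Wire it up with http.HandleFunc("/reboot", rebootHandler); the form still lets you "just hit the url in a browser", but a second click is needed before anything happens.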