diff --git a/src/Mod/Web/App/AppWeb.cpp b/src/Mod/Web/App/AppWeb.cpp index 55c8a24a75..26b13791e0 100644 --- a/src/Mod/Web/App/AppWeb.cpp +++ b/src/Mod/Web/App/AppWeb.cpp @@ -32,32 +32,6 @@ #include "Server.h" -// See http://docs.python.org/2/library/socketserver.html -/* -import socket -import threading - - -ip = "127.0.0.1" -port = 54880 - -def client(ip, port, message): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - sock.connect((ip, port)) - try: - sock.sendall(message) - response = sock.recv(1024) - print ("Received: {}".format(response)) - finally: - sock.close() - - - -client(ip, port, b"print ('Hello World')") -client(ip, port, b"import FreeCAD\nFreeCAD.newDocument()") - -*/ - namespace Web { class Module: public Py::ExtensionModule diff --git a/src/Mod/Web/web.dox b/src/Mod/Web/web.dox index 2fcbc5cb4e..3e1f4bca45 100644 --- a/src/Mod/Web/web.dox +++ b/src/Mod/Web/web.dox @@ -1,7 +1,70 @@ -/** \defgroup WEB Web - * \ingroup CWORKBENCHES - * \brief A simple remote-access server for FreeCAD - -See \ref src/Mod/Draft/draft.dox as an example of how to populate this page - - */ +/** \defgroup WEB Web + * \ingroup CWORKBENCHES + * \brief Remote-access TCP server for executing Python commands + * + * Provides a TCP server for remote control of FreeCAD via Python code execution. + * + * \section web_starting Starting the Server + * + * Run this in the FreeCAD python console to begin: + * \code{.py} + * import Web + * addr, port = Web.startServer("127.0.0.1", 54880) + * \endcode + * + * Inside the FreeCAD python console, run `help(Web)` to get the available functions. + * + * \section web_clients Client Connections + * + * Example client connection from a separate python console: + * \code{.py} + * import socket + * + * ip = "127.0.0.1" + * port = 54880 + * + * def client(ip, port, message): + * sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + * sock.connect((ip, port)) + * try: + * sock.sendall(message) + * response = sock.recv(1024) + * print ("Received: {}".format(response)) + * finally: + * sock.close() + * + * client(ip, port, b"print('Hello World')") + * client(ip, port, b"import FreeCAD\nFreeCAD.newDocument()") + * \endcode + * + * There is a special GET command to return variables from python. + * If you run `globlals()` in python, you get a list of available values. + * \code{.py} + * client(ip, port, b"GET port") # returns the port variable inside FreeCAD + * client(ip, port, b"GET cmake") + * \endcode + * + * Example with netcat: + * \code{.sh} + * echo "print('Hello World')" | nc 127.0.0.1 54880 + * \endcode + * Replace nc with ncat if you use NMap netcat on Windows. + * + * \section web_security Security Features + * + * %Commands execute as Python code in `__main__`. + * Restrict the allowed functions with `registerServerFirewall`: + * \code{.py} + * def my_firewall(command): + * # This list is an example of "dangerous" commands + * forbidden = ['os.system', 'subprocess', 'exec', 'eval', '__import__'] + * for f in forbidden: + * if f in command: + * print(f"Blocked: contains '{f}'") + * return False + * return True + * + * # The firewall becomes active on already running servers now: + * Web.registerServerFirewall(my_firewall) + * \endcode + */