SlideShare a Scribd company logo

Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server

All Things Open
All Things Open

Presented at: All Things Open 2019 Presented by: Matthew Burke, Capital One

Technology
1 of 32
Download to read offline
Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server Matthew Burke matthew.burke@capitalone.com All Things Open • Raleigh, NC • 14 October 2019 Just a taste of why you might want to do this and how you would do it. Reach out to me via email and I’d be happy to discuss at length
General Points • Value in a general-purpose, turn-key solution? • Easy enough to role your own • Security • Increases attack surface for your app • Do you trust your beta testers?
Use Case 1: Debugging
How easily can you expose your app’s data structures and configuration? Can do “simple” logging. Also can do more targeted analysis
Use Case 2: Mocking Two different scenarios for mocking: 1. Controlled testing 2. Backend doesn’t exist
Desired Operations • CRUD • list • dump/load • collect statistics C reate R ead U pdate D elete
Desired Features • Path variables • Header processing • URL-encoded Forms Others are context dependent. Unless you have specific needs, HTTPS support not needed.
Use Case 3: Tuning
CGFloat animationDuration = 0.5; Or should it be 0.4, or 0.3 or …
KA SwiftTweaks public struct ET: TweakLibraryType { public static let tint = Tweak(“General”, “Colors”, “Tint”, UIColor.blue) public static let marginVertical = Tweak<CGFloat>(… public static let defaultStore: TweakStore = … Note one alternative with some history behind it is a “Tweaking system” E.G. Kahn Academy’s implementation. Mention Facebook. A lot of overhead due to creating UI to adjust these values.
Be careful with your UI. Users will always surprise you. TAP Congress story
Use Case 3a: A/B Testing
Use Case 4: 
 Server App Port
Mobile OS Application Application Server OS Shim
Implementation Notes 1: Web Server
• A number of drop-in alternatives exist: • Swifter: https://github.com/httpswift/swifter (iOS) • NanoHTTPD: https://github.com/NanoHttpd/nanohttpd (Android)
server[“/app-auth-token”] = { _ in let aaToken = self.appSession.appAuthToken ?? “N/A” return aaToken }
server[“/showmarked”] = { _ in guard let mainView = … let markedView = mainView.viewWithTag(tagMark) markedView?.backgroundColor = .red return .ok(.text(“markedn”) }
server[“/register”] = { request in guard let method = request.params[“method”] else guard let path = request.params[“path”] else { … guard let script = request.params[“script”] else { self.server.router.register(method, path, script) }
Implementation Notes 2: Scripting Engine
A few words about Lua Language choice: you want something light-weight and with a good API
Again, this is not necessarily production-quality code, although depending on your use case, it might be adequate. The main point here is that Lua's first-class functions allow you to fairly easily implement a range of techniques.
smt = debug.getmetatable(“some string”) smt.__mul = function(s, i) local result = “” for idx = 1, i do result = result .. s end end “foo” * 3 .. “bar” -- foofoofoobar Perhaps a slightly less whimsical example...here I overload multiplication to give string repetition.
The Lua C API: • fully re-entrant • information contained in a Lua State • communicate via a virtual stack of Lua values • registry—predefined Lua table • userdata for accessing host program data “C API Details” Slide
C Binding “C Binding Title” Slide
“Blink Photo” Slide
“Blink Implementation 1” Slide
“Blink Implementation 2” Slide
“Blink Implementation 3” Slide
“Blink Implementation 4” Slide
Summary • Embedding a webserver during development opens up a range of techniques to ease development and explore the design space • Scripting naturally extends this capability—you don’t have to decide everything up front • Lua is a very solid choice for this purpose.
Thank You! Questions? • matthew.burke@capitalone.com • http://github.com/profburke — slides will go up soonish • http://lua.org

Recommended

Cleaner Code Through Test-Driven Development
Cleaner Code Through Test-Driven DevelopmentCleaner Code Through Test-Driven Development
Cleaner Code Through Test-Driven DevelopmentAll Things Open
 
Modern Tools for Building Progressive Web Apps
Modern Tools for Building Progressive Web AppsModern Tools for Building Progressive Web Apps
Modern Tools for Building Progressive Web AppsAll Things Open
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesDeploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesAll Things Open
 
Serverless Functions: Accelerating DevOps Adoption
Serverless Functions: Accelerating DevOps AdoptionServerless Functions: Accelerating DevOps Adoption
Serverless Functions: Accelerating DevOps AdoptionAll Things Open
 
Embracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryEmbracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryCyrille Le Clerc
 
Serverless
ServerlessServerless
ServerlessVishwas N
 
Concurrency in Swift
Concurrency in SwiftConcurrency in Swift
Concurrency in SwiftSeven Peaks Speaks
 
Is your kubernetes negative or positive
Is your kubernetes negative or positive Is your kubernetes negative or positive
Is your kubernetes negative or positive LibbySchulze
 

Recommended

Cleaner Code Through Test-Driven Development
Cleaner Code Through Test-Driven DevelopmentCleaner Code Through Test-Driven Development
Cleaner Code Through Test-Driven DevelopmentAll Things Open
 
Modern Tools for Building Progressive Web Apps
Modern Tools for Building Progressive Web AppsModern Tools for Building Progressive Web Apps
Modern Tools for Building Progressive Web AppsAll Things Open
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesDeploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesAll Things Open
 
Serverless Functions: Accelerating DevOps Adoption
Serverless Functions: Accelerating DevOps AdoptionServerless Functions: Accelerating DevOps Adoption
Serverless Functions: Accelerating DevOps AdoptionAll Things Open
 
Embracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryEmbracing Observability in CI/CD with OpenTelemetry
Embracing Observability in CI/CD with OpenTelemetryCyrille Le Clerc
 
Serverless
ServerlessServerless
ServerlessVishwas N
 
Concurrency in Swift
Concurrency in SwiftConcurrency in Swift
Concurrency in SwiftSeven Peaks Speaks
 
Is your kubernetes negative or positive
Is your kubernetes negative or positive Is your kubernetes negative or positive
Is your kubernetes negative or positive LibbySchulze
 
Microservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuffMicroservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuffnklmish
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open SourceAll Things Open
 
Better java with design
Better java with designBetter java with design
Better java with designNarayann Swaami
 
Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)All Things Open
 
DevSecOps on Azure
DevSecOps on AzureDevSecOps on Azure
DevSecOps on AzureSeven Peaks Speaks
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training pptKhalidQureshi31
 
Serverless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architectureServerless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architectureSandeep Paliwal
 
How to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the footHow to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the footDennis Doomen
 
Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!All Things Open
 
Continuous integration
Continuous integrationContinuous integration
Continuous integrationLior Tal
 
Flux is incubating + the road ahead
Flux is incubating + the road aheadFlux is incubating + the road ahead
Flux is incubating + the road aheadLibbySchulze
 
Infrastrucutre as Code
Infrastrucutre as CodeInfrastrucutre as Code
Infrastrucutre as CodeHarmeet Singh
 
Tce automation-d4
Tce automation-d4Tce automation-d4
Tce automation-d4Tikal Knowledge
 
Go for Operations
Go for OperationsGo for Operations
Go for OperationsQAware GmbH
 
DevOps from the Provider Perspective
DevOps from the Provider PerspectiveDevOps from the Provider Perspective
DevOps from the Provider PerspectivePat Patterson
 
Who needs containers in a serverless world
Who needs containers in a serverless worldWho needs containers in a serverless world
Who needs containers in a serverless worldMatthias Luebken
 
Javantura v4 - Support SpringBoot application development lifecycle using Ora...
Javantura v4 - Support SpringBoot application development lifecycle using Ora...Javantura v4 - Support SpringBoot application development lifecycle using Ora...
Javantura v4 - Support SpringBoot application development lifecycle using Ora...HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
GraphQL-ify your APIs
GraphQL-ify your APIsGraphQL-ify your APIs
GraphQL-ify your APIsSoham Dasgupta
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelinesJuraj Hantak
 
Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questionsRamu Palanki
 
Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questionsRamu Palanki
 
Cloud APIs Overview Tucker
Cloud APIs Overview TuckerCloud APIs Overview Tucker
Cloud APIs Overview TuckerInfrastructure 2.0
 

More Related Content

What's hot

Microservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuffMicroservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuffnklmish
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open SourceAll Things Open
 
Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)All Things Open
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training pptKhalidQureshi31
 
Serverless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architectureServerless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architectureSandeep Paliwal
 
How to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the footHow to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the footDennis Doomen
 
Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!All Things Open
 
Continuous integration
Continuous integrationContinuous integration
Continuous integrationLior Tal
 
Flux is incubating + the road ahead
Flux is incubating + the road aheadFlux is incubating + the road ahead
Flux is incubating + the road aheadLibbySchulze
 
Infrastrucutre as Code
Infrastrucutre as CodeInfrastrucutre as Code
Infrastrucutre as CodeHarmeet Singh
 
Go for Operations
Go for OperationsGo for Operations
Go for OperationsQAware GmbH
 
DevOps from the Provider Perspective
DevOps from the Provider PerspectiveDevOps from the Provider Perspective
DevOps from the Provider PerspectivePat Patterson
 
Who needs containers in a serverless world
Who needs containers in a serverless worldWho needs containers in a serverless world
Who needs containers in a serverless worldMatthias Luebken
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelinesJuraj Hantak
 

What's hot (19)

Microservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuffMicroservice no fluff, the REAL stuff
Microservice no fluff, the REAL stuff
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open Source
 
Better java with design
Better java with designBetter java with design
Better java with design
 
Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)Javascript Frameworks (and How to Learn Them)
Javascript Frameworks (and How to Learn Them)
 
DevSecOps on Azure
DevSecOps on AzureDevSecOps on Azure
DevSecOps on Azure
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training ppt
 
Serverless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architectureServerless meetup - OpenWhisk overview and architecture
Serverless meetup - OpenWhisk overview and architecture
 
How to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the footHow to practice TDD without shooting yourself in the foot
How to practice TDD without shooting yourself in the foot
 
Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!Securing Your Resources with Short-Lived Certificates!
Securing Your Resources with Short-Lived Certificates!
 
Continuous integration
Continuous integrationContinuous integration
Continuous integration
 
Flux is incubating + the road ahead
Flux is incubating + the road aheadFlux is incubating + the road ahead
Flux is incubating + the road ahead
 
Infrastrucutre as Code
Infrastrucutre as CodeInfrastrucutre as Code
Infrastrucutre as Code
 
Tce automation-d4
Tce automation-d4Tce automation-d4
Tce automation-d4
 
Go for Operations
Go for OperationsGo for Operations
Go for Operations
 
DevOps from the Provider Perspective
DevOps from the Provider PerspectiveDevOps from the Provider Perspective
DevOps from the Provider Perspective
 
Who needs containers in a serverless world
Who needs containers in a serverless worldWho needs containers in a serverless world
Who needs containers in a serverless world
 
Javantura v4 - Support SpringBoot application development lifecycle using Ora...
Javantura v4 - Support SpringBoot application development lifecycle using Ora...Javantura v4 - Support SpringBoot application development lifecycle using Ora...
Javantura v4 - Support SpringBoot application development lifecycle using Ora...
 
GraphQL-ify your APIs
GraphQL-ify your APIsGraphQL-ify your APIs
GraphQL-ify your APIs
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelines
 

Similar to Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server

Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questionsRamu Palanki
 
Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questionsRamu Palanki
 
Browser-Based Load Testing with Grafana K6
Browser-Based Load Testing with Grafana K6Browser-Based Load Testing with Grafana K6
Browser-Based Load Testing with Grafana K6Knoldus Inc.
 
Divya Jyothi Resume
Divya Jyothi ResumeDivya Jyothi Resume
Divya Jyothi Resumedivya jyothi
 
Boost your App with Gatling
Boost your App with GatlingBoost your App with Gatling
Boost your App with GatlingKnoldus Inc.
 
Justmeans power point
Justmeans power pointJustmeans power point
Justmeans power pointjustmeanscsr
 
Dhanasekaran 2008-2009 Quick Test Pro Presentation
Dhanasekaran 2008-2009 Quick Test Pro PresentationDhanasekaran 2008-2009 Quick Test Pro Presentation
Dhanasekaran 2008-2009 Quick Test Pro PresentationDhanasekaran Nagarajan
 
First QTP Tutorial
First QTP TutorialFirst QTP Tutorial
First QTP Tutorialtjdhans
 
QTP Tutorial Slides Presentation.
QTP Tutorial Slides Presentation.QTP Tutorial Slides Presentation.
QTP Tutorial Slides Presentation.Jaya Priya
 
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayI Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayPOSSCON
 
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayI Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayAll Things Open
 
Multi-tenancy with Rails
Multi-tenancy with RailsMulti-tenancy with Rails
Multi-tenancy with RailsPaul Gallagher
 
Serverless Computing
Serverless ComputingServerless Computing
Serverless ComputingAnand Gupta
 
Struts 2-overview2
Struts 2-overview2Struts 2-overview2
Struts 2-overview2divzi1913
 
Developing Java Web Applications In Google App Engine
Developing Java Web Applications In Google App EngineDeveloping Java Web Applications In Google App Engine
Developing Java Web Applications In Google App EngineTahir Akram
 
Gatling Performance Workshop
Gatling Performance WorkshopGatling Performance Workshop
Gatling Performance WorkshopSai Krishna
 
AngularJS in Production (CTO Forum)
AngularJS in Production (CTO Forum)AngularJS in Production (CTO Forum)
AngularJS in Production (CTO Forum)Alex Ross
 

Similar to Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server (20)

Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questions
 
Qtp interview questions
Qtp interview questionsQtp interview questions
Qtp interview questions
 
Cloud APIs Overview Tucker
Cloud APIs Overview TuckerCloud APIs Overview Tucker
Cloud APIs Overview Tucker
 
Browser-Based Load Testing with Grafana K6
Browser-Based Load Testing with Grafana K6Browser-Based Load Testing with Grafana K6
Browser-Based Load Testing with Grafana K6
 
Divya Jyothi Resume
Divya Jyothi ResumeDivya Jyothi Resume
Divya Jyothi Resume
 
Boost your App with Gatling
Boost your App with GatlingBoost your App with Gatling
Boost your App with Gatling
 
Justmeans power point
Justmeans power pointJustmeans power point
Justmeans power point
 
Dhanasekaran 2008-2009 Quick Test Pro Presentation
Dhanasekaran 2008-2009 Quick Test Pro PresentationDhanasekaran 2008-2009 Quick Test Pro Presentation
Dhanasekaran 2008-2009 Quick Test Pro Presentation
 
First QTP Tutorial
First QTP TutorialFirst QTP Tutorial
First QTP Tutorial
 
QTP Tutorial Slides Presentation.
QTP Tutorial Slides Presentation.QTP Tutorial Slides Presentation.
QTP Tutorial Slides Presentation.
 
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayI Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
 
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP AnywayI Know It Was MEAN, But I Cut the Cord to LAMP Anyway
I Know It Was MEAN, But I Cut the Cord to LAMP Anyway
 
Multi-tenancy with Rails
Multi-tenancy with RailsMulti-tenancy with Rails
Multi-tenancy with Rails
 
Cucumber_Training_ForQA
Cucumber_Training_ForQACucumber_Training_ForQA
Cucumber_Training_ForQA
 
Serverless Computing
Serverless ComputingServerless Computing
Serverless Computing
 
Resume
ResumeResume
Resume
 
Struts 2-overview2
Struts 2-overview2Struts 2-overview2
Struts 2-overview2
 
Developing Java Web Applications In Google App Engine
Developing Java Web Applications In Google App EngineDeveloping Java Web Applications In Google App Engine
Developing Java Web Applications In Google App Engine
 
Gatling Performance Workshop
Gatling Performance WorkshopGatling Performance Workshop
Gatling Performance Workshop
 
AngularJS in Production (CTO Forum)
AngularJS in Production (CTO Forum)AngularJS in Production (CTO Forum)
AngularJS in Production (CTO Forum)
 

More from All Things Open

Building Reliability - The Realities of Observability
Building Reliability - The Realities of ObservabilityBuilding Reliability - The Realities of Observability
Building Reliability - The Realities of ObservabilityAll Things Open
 
Modern Database Best Practices
Modern Database Best PracticesModern Database Best Practices
Modern Database Best PracticesAll Things Open
 
Open Source and Public Policy
Open Source and Public PolicyOpen Source and Public Policy
Open Source and Public PolicyAll Things Open
 
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...All Things Open
 
The State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil NashThe State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil NashAll Things Open
 
Total ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScriptTotal ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScriptAll Things Open
 
What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?All Things Open
 
How to Write & Deploy a Smart Contract
How to Write & Deploy a Smart ContractHow to Write & Deploy a Smart Contract
How to Write & Deploy a Smart ContractAll Things Open
 
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlowAll Things Open
 
DEI Challenges and Success
DEI Challenges and SuccessDEI Challenges and Success
DEI Challenges and SuccessAll Things Open
 
Scaling Web Applications with Background
Scaling Web Applications with BackgroundScaling Web Applications with Background
Scaling Web Applications with BackgroundAll Things Open
 
Supercharging tutorials with WebAssembly
Supercharging tutorials with WebAssemblySupercharging tutorials with WebAssembly
Supercharging tutorials with WebAssemblyAll Things Open
 
Using SQL to Find Needles in Haystacks
Using SQL to Find Needles in HaystacksUsing SQL to Find Needles in Haystacks
Using SQL to Find Needles in HaystacksAll Things Open
 
Configuration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit InterceptConfiguration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit InterceptAll Things Open
 
Scaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship ProgramScaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship ProgramAll Things Open
 
Build Developer Experience Teams for Open Source
Build Developer Experience Teams for Open SourceBuild Developer Experience Teams for Open Source
Build Developer Experience Teams for Open SourceAll Things Open
 
Deploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache BeamDeploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache BeamAll Things Open
 
Sudo – Giving access while staying in control
Sudo – Giving access while staying in controlSudo – Giving access while staying in control
Sudo – Giving access while staying in controlAll Things Open
 
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsFortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsAll Things Open
 
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...All Things Open
 

More from All Things Open (20)

Building Reliability - The Realities of Observability
Building Reliability - The Realities of ObservabilityBuilding Reliability - The Realities of Observability
Building Reliability - The Realities of Observability
 
Modern Database Best Practices
Modern Database Best PracticesModern Database Best Practices
Modern Database Best Practices
 
Open Source and Public Policy
Open Source and Public PolicyOpen Source and Public Policy
Open Source and Public Policy
 
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...
 
The State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil NashThe State of Passwordless Auth on the Web - Phil Nash
The State of Passwordless Auth on the Web - Phil Nash
 
Total ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScriptTotal ReDoS: The dangers of regex in JavaScript
Total ReDoS: The dangers of regex in JavaScript
 
What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?What Does Real World Mass Adoption of Decentralized Tech Look Like?
What Does Real World Mass Adoption of Decentralized Tech Look Like?
 
How to Write & Deploy a Smart Contract
How to Write & Deploy a Smart ContractHow to Write & Deploy a Smart Contract
How to Write & Deploy a Smart Contract
 
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
 
DEI Challenges and Success
DEI Challenges and SuccessDEI Challenges and Success
DEI Challenges and Success
 
Scaling Web Applications with Background
Scaling Web Applications with BackgroundScaling Web Applications with Background
Scaling Web Applications with Background
 
Supercharging tutorials with WebAssembly
Supercharging tutorials with WebAssemblySupercharging tutorials with WebAssembly
Supercharging tutorials with WebAssembly
 
Using SQL to Find Needles in Haystacks
Using SQL to Find Needles in HaystacksUsing SQL to Find Needles in Haystacks
Using SQL to Find Needles in Haystacks
 
Configuration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit InterceptConfiguration Security as a Game of Pursuit Intercept
Configuration Security as a Game of Pursuit Intercept
 
Scaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship ProgramScaling an Open Source Sponsorship Program
Scaling an Open Source Sponsorship Program
 
Build Developer Experience Teams for Open Source
Build Developer Experience Teams for Open SourceBuild Developer Experience Teams for Open Source
Build Developer Experience Teams for Open Source
 
Deploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache BeamDeploying Models at Scale with Apache Beam
Deploying Models at Scale with Apache Beam
 
Sudo – Giving access while staying in control
Sudo – Giving access while staying in controlSudo – Giving access while staying in control
Sudo – Giving access while staying in control
 
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsFortifying the Future: Tackling Security Challenges in AI/ML Applications
Fortifying the Future: Tackling Security Challenges in AI/ML Applications
 
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...
 

Recently uploaded

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Recently uploaded (20)

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server

  • 1. Designing and Debugging Mobile Apps with an Embedded, Scriptable Web Server Matthew Burke matthew.burke@capitalone.com All Things Open • Raleigh, NC • 14 October 2019 Just a taste of why you might want to do this and how you would do it. Reach out to me via email and I’d be happy to discuss at length
  • 2. General Points • Value in a general-purpose, turn-key solution? • Easy enough to role your own • Security • Increases attack surface for your app • Do you trust your beta testers?
  • 4. How easily can you expose your app’s data structures and configuration? Can do “simple” logging. Also can do more targeted analysis
  • 5. Use Case 2: Mocking Two different scenarios for mocking: 1. Controlled testing 2. Backend doesn’t exist
  • 6. Desired Operations • CRUD • list • dump/load • collect statistics C reate R ead U pdate D elete
  • 7. Desired Features • Path variables • Header processing • URL-encoded Forms Others are context dependent. Unless you have specific needs, HTTPS support not needed.
  • 8. Use Case 3: Tuning
  • 9. CGFloat animationDuration = 0.5; Or should it be 0.4, or 0.3 or …
  • 10. KA SwiftTweaks public struct ET: TweakLibraryType { public static let tint = Tweak(“General”, “Colors”, “Tint”, UIColor.blue) public static let marginVertical = Tweak<CGFloat>(… public static let defaultStore: TweakStore = … Note one alternative with some history behind it is a “Tweaking system” E.G. Kahn Academy’s implementation. Mention Facebook. A lot of overhead due to creating UI to adjust these values.
  • 11. Be careful with your UI. Users will always surprise you. TAP Congress story
  • 12. Use Case 3a: A/B Testing
  • 13. Use Case 4: 
 Server App Port
  • 16. • A number of drop-in alternatives exist: • Swifter: https://github.com/httpswift/swifter (iOS) • NanoHTTPD: https://github.com/NanoHttpd/nanohttpd (Android)
  • 17. server[“/app-auth-token”] = { _ in let aaToken = self.appSession.appAuthToken ?? “N/A” return aaToken }
  • 18. server[“/showmarked”] = { _ in guard let mainView = … let markedView = mainView.viewWithTag(tagMark) markedView?.backgroundColor = .red return .ok(.text(“markedn”) }
  • 19. server[“/register”] = { request in guard let method = request.params[“method”] else guard let path = request.params[“path”] else { … guard let script = request.params[“script”] else { self.server.router.register(method, path, script) }
  • 21. A few words about Lua Language choice: you want something light-weight and with a good API
  • 22. Again, this is not necessarily production-quality code, although depending on your use case, it might be adequate. The main point here is that Lua's first-class functions allow you to fairly easily implement a range of techniques.
  • 23. smt = debug.getmetatable(“some string”) smt.__mul = function(s, i) local result = “” for idx = 1, i do result = result .. s end end “foo” * 3 .. “bar” -- foofoofoobar Perhaps a slightly less whimsical example...here I overload multiplication to give string repetition.
  • 24. The Lua C API: • fully re-entrant • information contained in a Lua State • communicate via a virtual stack of Lua values • registry—predefined Lua table • userdata for accessing host program data “C API Details” Slide
  • 25. C Binding “C Binding Title” Slide
  • 31. Summary • Embedding a webserver during development opens up a range of techniques to ease development and explore the design space • Scripting naturally extends this capability—you don’t have to decide everything up front • Lua is a very solid choice for this purpose.
  • 32. Thank You! Questions? • matthew.burke@capitalone.com • http://github.com/profburke — slides will go up soonish • http://lua.org