Fix dockerized server setup

Desktop browsers still have some issues in docker. Could be due to MacOS vs Linux.

Author: JannisBush

Dockerfile

@@ -31,4 +31,8 @@ RUN chmod +x /app/entrypoint.sh
 # Expose ports
 EXPOSE 80 443 8443 9000
 
-# WORKDIR /app
+# WORKDIR /app
+
+ENTRYPOINT ["/app/entrypoint.sh"]
+# CMD is default command if not overridden in docker-compose
+CMD ["poetry", "run", "-C", "/app/_hp", "python", "/app/wpt", "serve", "--config", "/app/_hp/wpt-config.json"]

README.md

@@ -20,14 +20,15 @@ Our modified version of the wptserve HTTP server implementation can be found in
 - Manually check if the server and the tests are working: Visit http://sub.headers.websec.saarland:80/_hp/tests/framing.sub.html and confirm that tests are loaded and executed.
 - Optional: Run tests to check that everything is working correctly: `poetry run -C _hp pytest _hp`
 - Optional: Change the used domains in [_hp/wpt-config.json](_hp/wpt-config.json) and [_hp/host-config.txt](_hp/host-config.txt)
-- To run it inside a Docker container: `docker compose up --build`. This should spin up the server.
+- To run it inside a Docker container: `docker compose up --build`. This should spin up the server (as we use the same docker for the linux desktop browsers, the container is configured as `platform: linux/amd64` meaning it is emulated and slow on AppleSilicon)
 
 
 ## Reproduce or Enhance our Results
 In the following, we describe how to reproduce all our results from the paper.
 By slightly adapting the configuration and updating the used browsers, it is also possible to run our tool chain on new/other browser configurations.
 
 ### Desktop Browsers (Linux Ubuntu)
+- Note: if running in the docker container on AppleSilicon only headless browser will work as Xvfb cannot be emulated
 - Execute `cd _hp/hp/tools/crawler`
 - If using self-signed certs, add `--ignore_certs` to all commands.
 - Run the following for a quick test run to check that everything is working: `poetry run python desktop_selenium.py --debug_browsers --resp_type debug`

_hp/hp/test_external_api.py

@@ -2,7 +2,7 @@
 import json
 import httpx
 
-with open("_hp/wpt-config.json", "r") as f:
+with open("/app/_hp/wpt-config.json", "r") as f:
     wpt_config = json.load(f)
 
 def test_get_resp_ids():

_hp/hp/test_internals.py

@@ -6,7 +6,7 @@
 from hp.tools.create_responses import create_responses
 from hp.tools.crawler.desktop_selenium import get_child_processes
 
-with open("_hp/wpt-config.json", "r") as f:
+with open("/app/_hp/wpt-config.json", "r") as f:
     wpt_config = json.load(f)
 
 

_hp/hp/tools/analysis/utils.py

@@ -8,10 +8,10 @@
 
 @dataclass
 class Config:
-    DB_HOST: str="localhost"
+    DB_HOST: str="postgres"
     DB_NAME: str="http_header_demo"
-    DB_USER: str=""
-    DB_PASSWORD: str=""
+    DB_USER: str="header_user"
+    DB_PASSWORD: str="header_password"
     DB_PORT: str="5432"
 
 def get_data(config: Config, select_query: str, quiet=False) -> pd.DataFrame:
@@ -64,17 +64,17 @@ def postgresql_to_dataframe(conn, select_query, non_cat=None):
         print("Error: %s" % error)
         cursor.close()
         return 1
-    
+
     # Naturally we get a list of tuples
     tuples = cursor.fetchall()
     cursor.close()
-    
+
     # We just need to turn it into a pandas dataframe
     df = pd.DataFrame(tuples, columns=column_names)
-    
+
     # Convert all string (object) columns to categorical to speed things up
     # df[df.select_dtypes(['object']).columns] = df.select_dtypes(['object']).apply(to_cat, non_cat=non_cat)
-    
+
     return df
 
 def to_cat(column, non_cat=[]):
@@ -105,7 +105,7 @@ def clickable(title=None, url=None):
 
 def add_columns(df):
     """Create extra columns: e.g., clean_url and filtered outcome_str"""
-    
+
     df["outcome_str"] = df["outcome_value"].fillna("None").astype(str)
     df["clean_url"] = df["full_url"].apply(clean_url)
     @lru_cache(maxsize=None)
@@ -115,16 +115,16 @@ def id_to_browser(id):
     df["browser"] = df["browser_id"].apply(id_to_browser)
     df["org_origin"] = df["org_scheme"] + "://" + df["org_host"]
     df["resp_origin"] = df["resp_scheme"] + "://" + df["resp_host"]
-    
+
     # Unify outcomes that are semantically the same (only the exact error string is different in different browsers)
-    
+
     # Fetch fails:
     # Firefox: {'error': 'object "TypeError: NetworkError when attempting to fetch resource."', 'headers': ''}
     # Chromium: {'error': 'object "TypeError: Failed to fetch"', 'headers': ''}
     # Safari: {'error': 'object "TypeError: Load failed"', 'headers': ''}
     df["outcome_str"] = df["outcome_str"].replace("TypeError: Load failed", "TypeError: Failed to fetch", regex=True)
     df["outcome_str"] = df["outcome_str"].replace("TypeError: NetworkError when attempting to fetch resource.", "TypeError: Failed to fetch", regex=True)
-    
+
     # Fetch is aborted:
     # Firefox: AbortError: The operation was aborted.<space>
     # Safari: AbortError: Fetch is aborted
@@ -137,10 +137,10 @@ def id_to_browser(id):
     # Firefox: {'window.open.opener': 'object "TypeError: w is null"'}
     df["outcome_str"] = df["outcome_str"].replace("TypeError: w is null", "No window-reference. Probably popup blocked", regex=True)
     df["outcome_str"] = df["outcome_str"].replace("TypeError: Cannot read properties of null (reading \'opener\')", "No window-reference. Probably popup blocked", regex=True)
-    
+
     # For document referrer we only want to know whether it is a origin or the full URl?
     df['outcome_str'] = df['outcome_str'].apply(lambda x: 'document.referrer: full_url' if 'responses.py?feature_group' in x else x)
     # The differences always only are between http-origin, https-origin, full-url, none, timeout; there is never a difference between the various origins, thus we can merge them to make our live easier
     df["outcome_str"] = df["outcome_str"].apply(lambda x: "document.referrer: https://origin" if "https://" in x else x)
     df["outcome_str"] = df["outcome_str"].apply(lambda x: "document.referrer: http://origin" if "http://" in x else x)
-    return df
+    return df