Sending Files from GWT to a Web Server and Faking a Request IP

I'm working on a project in GWT, however, I need to store the uploaded files on my personal web server.

The user will upload the files using GWT, my back end will store the files information in AppEngine's database and send the file to the server.

I'm thinking of creating a PHP script on the web server that will handle the files coming from GWT and sends the files as needed.

Also, I'm planning on validating the IP address of the request.

My concerns are:

  1. Is validating the IP address from which the request came good enough to ensure no one misuses the PHP script?
  2. How can GWT's server send the file to PHP?
  3. Is there a better way to do this?

Thanks in advance

Answers


The ip address can be verified using php's $_SERVER['REMOTE_ADDR'] . This variable is pulled from Apache's TCP socket and it cannot be easily spoofed. I personally have dug though the code to verify this.

However, if the communication comes from the WIFI at a local cafe then you might have a problem. An attacker on the network can sniff the connection and you are sharing your ip address with them.

The very secure method of protecting against this cafe scenario is using SSL. HTTPS is easy to setup, but make sure you buy a real certificate which should run you about ~$30 a year.


Need Your Help

IE8 DOM transforming XML and returning nothing from jQuery find() or filter()

javascript jquery xml dom internet-explorer-8

I have a page that is getting an XML document in order to add a form to the page.

QTextBrowser or QWebView?

html qt qwebview qtextbrowser

I need to render some HTML content (created by the application) and I'm wondering whether I should use QTextBrowser or QWebView. Although they seem quite similar, the doc doesn't discuss the differ...

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.