I am trying to develop a chrome extension in which i have coded all my
logic in 'python' . Now on browser action i want to pass parameters
and execute that .py file and return results to popup which will open
on browser action. To call a .py file from JavaScript i know i will
need to code a NPAPI plugin. But am confused between which approach i
should take. I have come across few options and am trying to choose
the easiest way to do it ..
Pyjamas Python Javascript Compiler : is a Python-to-Javascript
compiler which works as a language translator but on FAQ's of there
site last question suggest it will not run on Chrome. ( http://pyjs.org/)
FireBreath : FireBreath is a framework that allows easy creation of
powerful browser plugins. ( http://www.firebreath.org )
pyplugin - Python NPAPI plugin for XULRunner : It allows you to
build cross-platform graphical user interfaces using XUL and Python.
( http://pyplugin.com )
Plz Guide me to easiest way which will allow me to pass parameters and
execute that .py file and receive returned results from .py.
Thanx
Well, Pyjamas Python Javascript Compiler will not be complete -- not all python features are available in javascript, so it's impossible to convert all python to javascript. This may or may not do what you want, but I don't think it happens "on the fly", I think you have to write things on the desktop and run it through the "compiler" to get javascript out the other side.
FireBreath is the most awesomely amazing thing to ever hit the Internet -- I should know since I wrote it -- and it will absolutely allow you to do what you want, but you'll have to know how to tie into Python with C++ in order to do what you want. That said, you could probably use boost.python, which is included in the subset of boost that comes with FireBreath, but I've never used it so I don't know. You can pretty much do anything you want with an NPAPI plugin but you'll want to be real careful of security concerns.
A quick glance at pyplugin makes it look like pyplugin is basically what you'd be writing in FireBreath, but just a raw npapi plugin. If this will do what you want, it's probably the easiest way to go. It's designed to be used with XUL, which may be a problem since Chrome doesn't support XUL. You might also be able to modify it (since it's GPL) to do what you want. Of course, if you weren't planning to release your source, that could also be a problem.
The quickest way to solve your problem? Well, you'll have to decide; it'll take some more research, but I hope this is enough to at least get you started. Good luck!
Related
My problem is as follows:
I have written a python code, and I need to run it on a web page.Basically I need that whatever is on the console should be displayed as it is.
I have no experience in web development and similar libraries, and I need to get this done in a short time. Kindly tell how should I proceed?
Note: I might be plotting some graphs also. It would be great if they could be displayed all at once(sequentially) on the website
https://brython.info/
https://skulpt.org/
https://pyodide.org/en/stable/
There are multiple python implementation on browser, some are webassemble some are javascript.
Is it a good idea to run python on browser as a replacement for javascript in 2022? No it is not, learn javascript. No in-browser python implementation can race with javascript as of today and most probably ever.
You Can't execute Python-Code directly inside a webbrowser - however, you could for instance create a basic IDE in HTML & JS, send code written by a user on the page to a Server, which would then run the code and send the results back to the client-page.
Unfortunately, such a project is quite ambitious and complicated, especially when Security & Stability are of mayor concern, as executing client-code is a very dangerous measure indeed, and requires expertise in Virtualization Techniques & Software.
Another Method could be to use a public API, which allows you to run Python code and fetch the results back. The procedure would be exactly the same as with the previous idea in terms of creating the web-client, but the heavy-lifting - which is actually executing the Python-code, would be taken care of for you.
As you can see, there is no concrete answer to this question, only suggestions.
A few useful links below:
https://docs.docker.com/
https://appdividend.com/2022/01/18/best-python-online-ide/
https://www.makeuseof.com/tag/programmer-browser-ides/
https://www.youtube.com/watch?v=og9Gaj1Hzag
How do I execute a string containing Python code in Python?
I have a Python code that needs to be able to execute a C++ code. I'm new to the idea of creating libraries but from what I have learned so far I need to know whether I need to use static or dynamic linking.
I have read up on the pros and cons of both but there is a lot of jargon thrown around that I do not understand yet and since I need to do this ASAP I was wondering if some light can be shed on this from somebody who can explain it simply to me.
So here's the situation. My C++ code generates some text files that have data. My Python code then uses those text files to plot the data. As a starter, I need to be able to run the C++ code directly from Python. Is DLL more suitable than SL? Or am I barking up the completely wrong tree?
Extra: is it possible to edit variables in my C++ code, compile it and execute it, all directly from Python?
It depends on your desired deployment. If you use dynamic linking will need to carefully manage the libraries (.so, .dll) on your path and ensure that the correct version is loaded. This can be helped if you include the version number in the filename, but then that has its own problems (security... displaying version numbers of your code is a bad idea).
Another benefit is that you can swap your library functionality without a re-compile as long as the interface does not change.
Statically linking is conceptually simpler and practically simpler. You only have to deploy one artefact (an .exe for example). I recommend you start with that until you need to move to the more complicated shared library setup.
Edit: I don't understand your "extra credit" question. What do you mean by "edit values"? If you mean can you modify variables that were declared in your C++ code, then yes you can as long as you use part of the public interface to do it.
BTW this advice is for the general decision. If you are linking from Python to C/C++ I think you need to use a shared library. Not sure as I haven't done it myself.
EDIT: To expand on "public interface". When you create a C++ library of whatever kind, you specify what functions are available to outside classes (look up how to to that). This is what I mean by public interface. Parts of your library are inaccessible but others (that you specify) are able to be called from client code (i.e. your python script). This allows you to modify the values that are stored in memory.
If you DO mean that you want to edit the actual C++ code from within your python I would suggest that you should re-design your application. You should be able to customise the run-time behaviour of your C++ library by providing the appropriate configuration.
If you give a solid example of what you mean by that we'll be able to give you better advice.
Yes it is possible!!
Try exploring subprocess module in python.
Following can be an example implementation of your scenario:
yourfile.cpp
#compilation
args = ['g++','-o','your_executable_name_with_path','yourfile.cpp_with_path']
your_compile = subprocess.Popen(args,stdin=subprocess.PIPE,stderr=subprocess.PIPE,stdout=subprocess.PIPE)
output,compilation_error = your_compile.communicate()
your_compile.wait()
#successful compilation then there will be execuatble
if not compilation_error:
#execuation
args = ['your_executable_name_with_path'] #command to run a an execuatble
your_run = subprocess.Popen(args,stdin=subprocess.PIPE,stderr=subprocess.PIPE,stdout=subprocess.PIPE)
your_code_output,runtime_error = your_run.communicate()
your_run.wait()
Further, you can tackle more cases and come up with an efficient design
I'm not quite sure how the idea of linking comes into what you are asking, but it sounds to me like you want to use something like SWIG, which allows you to create wrappers around C++ functions (and many other languages) which you can then call directly from your Python code.
Extra: is it possible to edit values in my C++ code, compile it and execute it directly from Python?
If I'm understanding this correctly, you want to use Python to change your C++ code, then compile and execute it? If this is the case, you may want to look into embedding the Python interpreter in your C++ program. This would mean doing things the other way around and having C++ run your Python script, instead of trying to do everything from Python.
I've got an iOS app that needs to run efficiently and accurately. There's a lot of parameters involved in the code and different combinations of them provide varying results of success. So I plan to write a genetic algorithm to go ahead and find some good parameter sets for me. While I could do this using Objective-C directly in Xcode, I would complete this task much faster and enjoy it more writing the genetic algorithm part in Python. Is there any good way to control Xcode through Python? As in, be able to execute the simulator/device app through Xcode and get feedback from it using external code? I know a keyboard macro would be possible, but that approach would probably be a bit clumsy. If there's some way to directly control it programmatically, that would be great. Thanks!
Your question is not very clear.
Do you want to control Xcode to run your app ? Do you want to be able to change anything like flags automatically ?
If you want to control Xcode by writing code explaining what to do or even where to clic you can write an AppleScript
Maybe also take a look at this post
But if your question is about performing automatic UI tests maybe see UIAutomation, Calabash or MonkeyTalk
let us assume that there is a big, commercial project (a.k.a Project), which uses Python under the hood to manage plugins for configuring new control surfaces which can be attached and used by Project.
There was a small information leak, some part of the Project's Python API leaked to the public information and people were able to write Python scripts which were called by the underlying Python implementation as a part of Project's plugin loading mechanism.
Further on, using inspect module and raw __dict__ readings, people were able to find out a major part of Project's underlying Python implementation.
Is there a way to keep the Python secret codes secret?
Quick look at Python's documentation revealed a way to suppres a import of inspect module this way:
import sys
sys.modules['inspect'] = None
Does it solve the problem completely?
No, this does not solve the problem. Someone could just rename the inspect module to something else and import it.
What you're trying to do is not possible. The python interpreter must be able to take your bytecode and execute it. Someone will always be able to decompile the bytecode. They will always be able to produce an AST and view the flow of the code with variable and class names.
Note that this process can also be done with compiled language code; the difference there is that you will get assembly. Some tools can infer C structure from the assembly, but I don't have enough experience with that to comment on the details.
What specific piece of information are you trying to hide? Could you keep the algorithm server side and make your software into a client that touches your web service? Keeping the code on a machine you control is the only way to really keep control over the code. You can't hand someone a locked box, the keys to the box, and prevent them from opening the box when they have to open it in order to run it. This is the same reason DRM does not work.
All that being said, it's still possible to make it hard to reverse engineer, but it will never be impossible when the client has the executable.
There is no way to keep your application code an absolute secret.
Frankly, if a group of dedicated and determined hackers (in the good sense, not in the pejorative sense) can crack the PlayStation's code signing security model, then your app doesn't stand a chance. Once you put your app into the hands of someone outside your company, it can be reverse-engineered.
Now, if you want to put some effort into making it harder, you can compile your own embedded python executable, strip out unnecessary modules, obfuscate the compiled python bytecode and wrap it up in some malware rootkit that refuses to start your app if a debugger is running.
But you should really think about your business model. If you see the people who are passionate about your product as a threat, if you see those who are willing to put time and effort into customizing your product to personalize their experience as a danger, perhaps you need to re-think your approach to security. Assuming you're not in the DRM business, or have a similar model that involves squeezing money from reluctant consumers, consider developing an approach that involves sharing information with your users, and allowing them to collaboratively improve your product.
Is there a way to keep the Python secret codes secret?
No there is not.
Python is particularly easy to reverse engineer, but other languages, even compiled ones, are easy enough to reverse.
You cannot fully prevent reverse engineering of software - if it comes down to it, one can always analyze the assembler instructions your program consists of.
You can, however, significantly complicate the process, for example by messing with Python internals. However, before jumping to how to do it, I'd suggest you evaluate whether to do it. It's usually harder to "steal" your code (one needs to fully understand them to be able to extend them, after all) than code it oneself. A pure, unobfuscated Python plugin interface, however, can be vital in creating a whole ecosystem around your program, far outweighing the possible downsides to having someone peek in your maybe not perfectly designed coding internals.
I have an application written in python. I created a plugin system for the application that uses egg files. Egg files contain compiled python files and can be easily decompiled and used to hack the application. Is there a way to secure this system? I'd like to use digital signature for this - sign these egg files and check the signature before loading such egg file. Is there a way to do this programmatically from python? Maybe using winapi?
Is there a way to secure this system?
The answer is "that depends".
The two questions you should ask is "what are people supposed to be able to do" and "what are people able to do (for a given implementation)". If there exists an implementation where the latter is a subset of the former, the system can be secured.
One of my friend is working on a programming competition judge: a program which runs a user-submitted program on some test data and compares its output to a reference output. That's damn hard to secure: you want to run other peoples' code, but you don't want to let them run arbitrary code. Is your scenario somewhat similar to this? Then the answer is "it's difficult".
Do you want users to download untrustworthy code from the web and run it with some assurance that it won't hose their machine? Then look at various web languages. One solution is not offering access to system calls (JavaScript) or offering limited access to certain potentially dangerous calls (Java's SecurityManager). None of them can be done in python as far as I'm aware, but you can always hack the interpreter and disallow the loading of external modules not on some whitelist. This is probably error-prone.
Do you want users to write plugins, and not be able to tinker with what the main body of code in your application does? Consider that users can decompile .pyc files and modify them. Assume that those running your code can always modify it, and consider the gold-farming bots for WoW.
One Linux-only solution, similar to the sandboxed web-ish model, is to use AppArmor, which limits which files your app can access and which system calls it can make. This might be a feasible solution, but I don't know much about it so I can't give you advice other than "investigate".
If all you worry about is evil people modifying code while it's in transit in the intertubes, standard cryptographic solutions exist (SSL). If you want to only load signed plugins (because you want to control what the users do?), signing code sounds like the right solution (but beware of crafty users or evil people who edit the .pyc files and disables the is-it-signed check).
Maybe some crypto library like this http://chandlerproject.org/Projects/MeTooCrypto helps to build an ad-hoc solution. Example usage: http://tdilshod.livejournal.com/38040.html