Question: Developing a web application-- What is the best way to allow for FASTA file upload, and then running a script on that file?
0
5.0 years ago by kbun (10), USA/National Institutes of Health, wrote:

Currently developing a small web pipeline for miRNA-seq analysis, using Python and Flask.

I want the user to be able to upload a FASTA file, which the server will then map to a genome. What is the best way to allow a user to upload a file, and then run an external script (the mapping tool that is on the server) on it, without security vulnerabilities?

rna-seq web • 1.3k views
modified 5.0 years ago • written 5.0 years ago by kbun (10)
1

An instance of Galaxy?

written 5.0 years ago by Pierre Lindenbaum (133k)
1

It's generally inadvisable to do any kind of file-transfer over HTTP. A lot of overhead - connections can drop out - difficult to do securely - webserver's bandwidth/sockets get used up, etc.
Write a Galaxy plugin - leave all the data-transfer nonsense to the pros and focus on the pipeline/backend. Also, as a plugin, we can all benefit from your work too :)
Also, there's no way to do any of this securely. I'm sure if anyone actually tried to find a buffer overflow in any bioinformatic tool, they would be spoilt for choice.

written 5.0 years ago by John (12k)

I fail to see how this is specific to bioinformatics other than that the service should process a text file that happens to be a fasta file. Anyway if you think that's specific enough, you have about 100 different choices:

1) Make a simple cgi script
2-100) choose a web framework, see https://www.airpair.com/python/posts/django-flask-pyramid

Maybe a micro framework? In all cases you need to read the docs on how to sanitize user input for calling sys props safely; check Stack Overflow for that: http://stackoverflow.com/a/35858

Edit: agree, use Galaxy. You are mentioning a pipeline, so it's not only a single tool?

modified 12 months ago by _r_am (32k) • written 5.0 years ago by Michael Dondrup (48k)
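A sketch of the upload-then-run step the question asks about, added here as an example and not code from any poster in this thread. It uses only the standard library; `store_fasta`, `run_mapper`, the size limit and the stand-in mapper command are assumptions, and in Flask the `stream` argument would be the uploaded file object taken from `request.files`.

```python
import io, os, re, subprocess, sys, tempfile, uuid

MAX_BYTES = 50 * 1024 * 1024                    # assumed upload limit
HEADER = re.compile(rb">[\t\x20-\x7e]*")        # printable ASCII only
SEQUENCE = re.compile(rb"[A-Za-z*-]*")          # residue letters, stop, gap

def store_fasta(stream, upload_dir, max_bytes=MAX_BYTES):
    """Validate an upload as FASTA and save it under a server-chosen name."""
    data = stream.read(max_bytes + 1)
    if len(data) > max_bytes:
        raise ValueError("upload too large")
    lines = data.splitlines()
    if not lines or not lines[0].startswith(b">"):
        raise ValueError("first line must be a '>' header")
    for number, line in enumerate(lines, 1):
        pattern = HEADER if line.startswith(b">") else SEQUENCE
        if not pattern.fullmatch(line):
            raise ValueError(f"invalid FASTA content on line {number}")
    # The client's filename is never used, so it cannot smuggle "../" or
    # an option-like name such as "-o" into the path or the command line.
    path = os.path.join(upload_dir, uuid.uuid4().hex + ".fasta")
    with open(path, "xb") as out:               # "x": never overwrite
        out.write(data)
    return path

def run_mapper(mapper_argv, fasta_path, timeout=600):
    """Run the mapping tool on the stored file, without a shell."""
    # An argv list with shell=False means nothing is parsed by /bin/sh.
    done = subprocess.run([*mapper_argv, fasta_path], shell=False,
                          capture_output=True, timeout=timeout, check=True)
    return done.stdout

if __name__ == "__main__":
    # Constructed sample upload and a stand-in "mapper" that counts records.
    upload = io.BytesIO(b">read1 constructed\nUAGCUUAUCAGACUGAUGUUGA\n"
                        b">read2 constructed\nUUAAUGCUAAUCGUGAUAGGGGU\n")
    counter = [sys.executable, "-c",
               "import sys; print(sum(l[0] == '>' for l in open(sys.argv[1])))"]
    with tempfile.TemporaryDirectory() as workdir:
        print(run_mapper(counter, store_fasta(upload, workdir)))
```

Content validation narrows what reaches the mapping tool but does not fix parsing bugs inside the tool itself, so the tool should still run under an unprivileged account with its own working directory.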