Introduction
Introduction Statistics Contact Development Disclaimer Help
index.md - sites - public wiki contents of suckless.org
git clone git://git.suckless.org/sites
Log
Files
Refs
---
index.md (3487B)
---
1 ![quark](quark.svg)
2
3 quark is an extremely small and simple HTTP GET/HEAD-only web server for…
4 content.
5
6 The goal of this project is to do one thing and do it well, namely servi…
7 static web directories and doing that right. Most other solutions either…
8 too complex (CGI support, dependencies on external libraries, ...) or la…
9 features you expect (TLS, virtual hosts, partial content, not modified s…
10 ...). quark tries to find a midway and just restrict itself to being sta…
11 while still offering functions you only find in more bloated solutions a…
12 being as secure as possible (chroot, privilege dropping, strict parsers,…
13 malloc at runtime, pledge, unveil, ...).
14
15 Static web
16 ----------
17 We believe that most of the web does not need to be dynamic and increasi…
18 complexity on server-side applications is one of the main reasons for th…
19 obesity crisis. The common approach nowadays is to do everything on the …
20 including parsing requests, modifying files and databases, generating HT…
21 all that using unfit languages like PHP or JavaScript, which is a securi…
22 efficiency nightmare.
23
24 Over the years we have seen massive amounts of security holes in numerous
25 applications of tools commonly used for these jobs (PHP, node.js,
26 CGI-implementations, ...). The reason why we are in this situation in th…
27 place is due to the fact that the jobs of data processing and data
28 presentation, which should be separate, converged together into one.
29
30 The solution is to rely on static regeneration independent from the web …
31 which just serves static files. You can still implement e.g. form handle…
32 dynamic content which run as their own network instance and operate
33 independently from the web server. What's left is just to generate the s…
34 content using the database and repeating this process in case the databa…
35 updated.
36
37 This way the jobs of data processing and data presentation are separate …
38 with many advantages. All requests are handled with constantly low laten…
39 with the possibility of serving everything directly from RAM (using a ra…
40 Separated concerns make it very unattractive to attack the web server it…
41 and the attack surface that is left, if it is present at all, is the sep…
42 form handler, which can be implemented in a very simple, safe and effici…
43 manner.
44
45 In case there is an attack on this infrastructure and the attacker manag…
46 DoS the form handler, the serving of content is still unaffected.
47
48 TLS-support
49 -----------
50 quark does not natively support TLS. A more suckless approach than to
51 implement TLS into it is to use a TLS reverse proxy (e.g. [tlstunnel](ht…
52 [hitch](https://hitch-tls.org/) or [stunnel](https://www.stunnel.org/)).
53 It accepts encrypted TLS connections and forwards them as unencrypted
54 requests to a server. In this case, one can run such a reverse proxy to …
55 on a public IP address and forward the requests to a local port or UNIX-…
56
57 Solutions
58 ---------
59 * [saait](https://git.codemadness.org/saait/file/README.html) site gener…
60 * [stagit](https://git.codemadness.org/stagit/file/README.html) git page…
61
62 Development
63 -----------
64 You can [browse](//git.suckless.org/quark) the source code repository or…
65 copy with the following command:
66
67 git clone https://git.suckless.org/quark
68
69 Author
70 ------
71 * Laslo Hunhold ([email protected])
72
73 Please contact me when you find information that could be added to this …
You are viewing proxied material from suckless.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.