The documentation changes for the original change being discussed (1st message of the thread) went live:
Proofreading for typos is welcome.
RFC: Not enabling WebREPL by default on boot in 1.8.6
Re: RFC: Not enabling WebREPL by default on boot
Awesome MicroPython list
Pycopy - A better MicroPython https://github.com/pfalcon/micropython
MicroPython standard library for all ports and forks - https://github.com/pfalcon/micropython-lib
More up to date docs - http://pycopy.readthedocs.io/
Pycopy - A better MicroPython https://github.com/pfalcon/micropython
MicroPython standard library for all ports and forks - https://github.com/pfalcon/micropython-lib
More up to date docs - http://pycopy.readthedocs.io/
Re: RFC: Not enabling WebREPL by default on boot
Dear @pfalcon (Paul if I can), thanks you for your replies. By the way I think 1.8.6 implementation is a big step ahead with webrepl usability.
Regarding clear passwords I have one more use case... just make a laugh, it's a funny story
Recently I gave away a couple of WeMos devices with my micropython application code and all. They contained also the clear password stored in the port_config.py. (1.8.6 does just change the file name). I just forgot to make a clean installation and the passwords were readable. I trust the people I gave the devices... it's just it reveals one of my passwords schemas, and I have to change that. You can blame me and my stupidity and I think I deserve that. But the issue here is that it's not just about stupid developers (like me). It's about security by design. I guess, that is also your point,
Regarding the 'advocating' vs. 'making' I couldn't agree more. I am a poor developer (and you know but I am actually looking for implementations of simple crypting algorithms to partially overcome that problem. I will open a specific thread (and/or Pull Request) when I have something worth to be considered by the community.
Thanks.
PS: the fix to my server serving any file was simply a black list of files, as you have guessed. Too stupid to be worth of mention in this thread.
Regarding clear passwords I have one more use case... just make a laugh, it's a funny story
Recently I gave away a couple of WeMos devices with my micropython application code and all. They contained also the clear password stored in the port_config.py. (1.8.6 does just change the file name). I just forgot to make a clean installation and the passwords were readable. I trust the people I gave the devices... it's just it reveals one of my passwords schemas, and I have to change that. You can blame me and my stupidity and I think I deserve that. But the issue here is that it's not just about stupid developers (like me). It's about security by design. I guess, that is also your point,
Regarding the 'advocating' vs. 'making' I couldn't agree more. I am a poor developer (and you know but I am actually looking for implementations of simple crypting algorithms to partially overcome that problem. I will open a specific thread (and/or Pull Request) when I have something worth to be considered by the community.
Thanks.
PS: the fix to my server serving any file was simply a black list of files, as you have guessed. Too stupid to be worth of mention in this thread.