![[Contents]](../../manuals/icons/contents.gif){kind=icon}
![[Prev]](../../manuals/icons/prev.gif){kind=icon}
![[Next]](../../manuals/icons/next.gif){kind=icon}
One potentially exciting applications of Knowbot Programs is to provide dynamic Web content at remote servers. This application would allow Internet service providers (ISPs) to support dynamic content for customers hosting their Web sites on the ISP's servers without having to allow the customer to run untrusted CGI scripts.
Many ISPs provide their customers with some amount of disk space for use as personal Web pages. The common limitation here is that these pages are required to be static since there are serious security concerns in allowing, for example, customers to upload arbitrary CGI scripts. Servlets, small Java applications that run inside Java enabled Web servers, don't really address the issue since they are typically not uploaded into servers from random clients, but are instead provided by the Web administrators in a manner similar to CGI scripts. Short of the honor system, there is no general solution which allows any untrusted but authorized user to install their own dynamic content generating programs into an ISP's Web server, with the guarantee that such programs cannot harm the system on which they are running, or gain unauthorized access to other parts of the operating system.
By co-locating a KOS with a Web server, an ISP can allow arbitrary users to essentially upload any content for provision to the general public. For static content, documents can be stored in a KPs suitcase, and a simple mapping from the suitcase structure to a URL namespace can be employed. For dynamic content, methods on the KP can be invoked in response to GET or POST requests as registered by the KP. Even for static requests, methods may be optionally invoked, which would allow the KP to mediate any access to its internal documents. This might allow for KP specified access control, logging, notification (e.g. by sending a clone back to the home KOS), or negotiation with other KPs.
The use of a KP to provide dynamic content allows the server's administrators to protect their systems against harm, and to tightly control access to system resources by the KP. Both of these benefits are due to the restricted execution environment in which KP run.
The demonstration supports two distinct forms of content: static content is content which does not require computation by the Knowbot Program to be served to the user, and can be handled entirely by the infrastructure provided by the implementation. Dynamic content requires computation, and can be provided by the Knowbot Program on a per-request basis.
Supporting this service requires two pieces of infrastructure at the ISP, in addition to a Knowbot Service Station and a Web server:
With this infrastructure in place, Knowbot Programs are able to arrive at the ISP's Knowbot Service Station and register as content providers. Once registered, they may supply static content which is handled directly by the CGI script which implements the bridge between the two environments. In the demonstration implementation, static content is provided without any further communication between the bridge and the KP providing the content: the KP's presense is not required, allowing it to terminate or leave the KSS. Additionally, content providers may register to supply dynamic content. The implementation will call the on KP to provide dynamic content whenever there is no static content matching the request. This arrangement allows the static and dynamic content to completely overlap in "URL space", avoiding a separate area for dynamic content as is often found in servers with a restricted sub-space for CGI programs (typically called something creative like /cgi-bin/ or something similar).
Three sample Knowbot Programs which provide Web content are included in the demos/provider/kps directory. One provides static content only, one provides both static and dynamic content, and the last provides a larger application entirely as dynamic content.