Back at Cambridge for round 2, and I decided that in my second year I’m far too busy to do much theatre at all. I still manage to steward and see shows here and there, but not helping and getting involved in the same way as I was last year. It’s a bit sad but hey, I’m here to actually do my degree…

Anyway, my friend is producing the CUADC/Footlights Pantomime 2016 Rumpelstiltskin and he asked if I wanted to get involved in the show by writing them a simple little website as a publicity trick: http://www.isitpantoyet.co.uk. This seemed like an opportunity too good to pass: create a silly little static HTML page with some PHP to tell the date and get a Camdram credit?! Seemed too good to be true.

I decided this was too easy so set myself the additional challenge of making the website as secure as I could. The SRCF doesn’t allow for https over custom domain names (you can still get the site over https through the default URL for my userspace https://chtj2.user.srcf.net/panto_countdown/) so I decided I’d have to PGP-sign all the code. With some custom PHP going on this require some reasonably careful thought, sparing use of line breaks and the –clearsign gpg command.

But long story short, I managed it! Check out the page source to see the HTML or check out my GitHub gists of the backend server-side code:

If you’re savvy you should also be able to run ‘curl http://www.isitpantoyet.co.uk | gpg‘ or something and hopefully it’ll spit back the HTML, minus the headers, and tell you it was signed by my key.

When you can’t https, PGP. Although in all seriousness, you should definitely be using https now ever since Let’s Encrypt offers certificates for free…

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>