Respect for user data and how perl saved the day

This about a general principle and a specific instance where the principle was ignored but perl saved the day.

The principle is that user data is precious and should be respected and preserved. This idea is not new, in fact it's fairly obvious but almost certainly ignored by the application you're currently staring at.

The first (only?) time I saw it explicitly stated was in the book The Humane Interface (an excellent read, unfortunately the author died last year) and the reason I'm writing about it now is because I've just been bitten again so I want a rant (and nobody reads my blog)!

So, there I was typing a long post into a text box on a webiste not unlike Perlmonks. I was not too familiar with their system to I clicked on Preview, spotted a mistake and immediately clicked Back to fix it. Doh! Where's my posting? Click Forward and I get some message about resending data, OK go ahead. Nothing. My posting was gone. My 30 minutes of typing all for nothing. Arghhh! We wouldn't tolerate this kind of behaviour from the crappiest text editor, why do we tolerate it from web broswers?

I notice that blogger.com's post editor has an onclose action that warns you that you're about to throw away your edits but really it shouldn't be up to every website in the world to script this basic and obvious safety measure. The bug I filed against Firefox has sat untouched since I filed it.

Anyway, now the perl connection...

The last time this happened I was none too happy. I did the usual creative swearing and name calling and I said "that data's got to be sitting inside Firefox somewhere, there must be way to recover it through /proc". My colleague replied that he'd tried doing this before but it hadn't worked for him. Well, God loves a trier so we spent a little while looking at man pages and came up with this

#! /usr/bin/perl

use strict;
use warnings;

use POSIX qw ( SIGCONT );

my $pid = shift;

my $base = "/proc/$pid";
open(my $mem_fh, "$base/mem") || die "$base/mem: $!";
open(my $maps_fh, "$base/maps") || die "$base/maps: $!";

require 'syscall.ph';
my $result = syscall(&SYS_ptrace, 16, int($pid), 1, 0);

if ($result == -1) {
  die "Error: $!\n";
}

while (<$maps_fh>)
{
  my ($start, $end) = map {hex($_)} /^(\w+)-(\w+)/;

  dump_range_seek($mem_fh, $start, $end - $start);
}

# wake the patient back up
kill(SIGCONT(), $pid);

sub dump_range_seek
{
  my $fh = shift;
  my $start = shift;
  my $len = shift;

  my $seek = sysseek($fh, $start, 0);
  die "seek, $!" unless defined($seek);
  # warn "seek = $seek";

  my $buf;
  while ($len)
  {
    my $chunk = $len > 4096 ? 4096 : $len;
    # warn "reading $chunk\n";
    my $read = sysread($fh, $buf, $chunk);
    die "$!" unless defined($read);

    die "read 0" unless $read;
    $len -= $read;
    print $buf;
  }
}
[download]

Save it as catmem.pl and then run catmem.pl $PID > some_file and it will dump out the entire memory image of that process. The it's just a matter of applying the usual unix tools like strings and grep to find what you're looking for. Of course this isn't guaranteed, it highly dependent on how the application in question stores your data etc etc but for Firefox at least it tends to find a fairly recent revision of what you've lost.

So if you work on a project that allows users to input anything longer than word or two, please show some respect and don't ever throw their data away. That doesn't mean you have to badger them with prompts every time they change screens, it could just be a matter of providing an undo function are maintaining a history of strings that have been typed but not saved.

End rant.

P.S. Yes, I typed his all in via a Firefox text box :)

Comment on Respect for user data and how perl saved the day Select or Download Code

Replies are listed 'Best First'.
Re: Respect for user data and how perl saved the day by BrowserUk (Patriarch) on Feb 13, 2006 at 22:07 UTC
P.S. Yes, I typed his all in via a Firefox text box :) Perhaps it's just as well you didn't notice the missing 't' :) Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error. Lingua non convalesco, consenesco et abolesco. -- Rule 1 has a caveat! -- Who broke the cabal? "Science is about questioning the status quo. Questioning authority". In the absence of evidence, opinion is indistinguishable from prejudice.	[reply] [d/l]
Re: Respect for user data and how perl saved the day by tinita (Parson) on Feb 13, 2006 at 23:00 UTC
So, there I was typing a long post into a text box on a webiste not unlike Perlmonks. I was not too familiar with their system to I clicked on Preview, spotted a mistake and immediately clicked Back to fix it. Doh! Where's my posting? Annoying, yes... What I'm doing in Opera if I fill out a big form and I'm scared it could vanish, I click on "Create linked". The POST will appear in a newly opened tab, the original window still contains the filled out form. still, this is just an unnerving workaround...	[reply]
Re: Respect for user data and how perl saved the day by zentara (Archbishop) on Feb 14, 2006 at 13:28 UTC
This must be system-dependent, because on my system, with a grsecurity enhanced kernel ( widely used security patch), it responds "Error: Operation not permitted". I'm not really a human, but I play one on earth. flash japh	[reply]
Re^2: Respect for user data and how perl saved the day by fergal (Chaplain) on Feb 14, 2006 at 14:13 UTC
I guess so. Although I can't see any great security benefit in preventing a user from accessing the memory of their own process. That said accessing that memory is a bit of an odd thing to do and isn't something you'd tend to do on a production server for example. You might find that you can't run `strace -p $PID` or `gdb $PID` either. If that's the case then I suppose it's intentional. Welcome to the world of DRM :) At least in this case you can probably turn it off.	[reply] [d/l] [select]
Re: Respect for user data and how perl saved the day by Anonymous Monk on Feb 13, 2006 at 23:29 UTC
Hmmm, I've been thinking I need an excuse to learn Tk and WWW::Mechanize. Should be possible to make a perl app that edits/saves/loads text on a web page, eh?	[reply]
Re^2: Respect for user data and how perl saved the day by Errto (Vicar) on Feb 14, 2006 at 00:02 UTC
Yes, but not using those modules. WWW::Mechanize is designed to act like a web browser, but if I understand your idea correctly, you need a Perl program to interact with the web browser you the user are already using. For this you can use programmatic control modules. For IE this would be Win32::OLE with the 'InternetExplorer' class or perhaps SAMIE. For Firefox there's some equivalent but I haven't looked into it. My personal workaround is when I'm about to submit a big text block, I copy and paste it in a text editor before hitting the button. But that also is a bit of a pain.	[reply]
Re^2: Respect for user data and how perl saved the day by diotalevi (Canon) on Feb 14, 2006 at 00:09 UTC
You could write a Sniffer::HTTP program that makes backups of your posts without requiring any changes to your browser at all. ⠤⠤ ⠙⠊⠕⠞⠁⠇⠑⠧⠊	[reply]
Re^3: Respect for user data and how perl saved the day by fergal (Chaplain) on Feb 14, 2006 at 14:18 UTC
Or you could install a mouse/keystroke logger or take screenshots of X every few minutes and then we could get rid of those annoying "Are you sure you want to discard your changes" dialogs from all our applications :)	[reply]
Re^4: Respect for user data and how perl saved the day by diotalevi (Canon) on Feb 14, 2006 at 16:37 UTC
Re^3: Respect for user data and how perl saved the day by davis (Vicar) on Feb 14, 2006 at 09:42 UTC
That relies on your browser sending the information. If you click the "back" button, no data is sent. davis Kids, you tried your hardest, and you failed miserably. The lesson is: Never try.	[reply]


Come for the quick hacks, stay for the epiphanies.
	PerlMonks