Fermion – The Scheme Web Server
Fermion is a fast and secure web server written in Scheme. It is optimized to serve dynamic content generated by Scheme scripts. It is part of the larger Spark-Scheme project. It uses light-weight green threads to handle client requests and can efficiently serve thousands of simultaneous connections.
The following code starts an instance of Fermion:
;; file: my-http.ss
(import (net)
(http))
(web-server-start (web-server))
Create a HTML file called index.html and place it along with my-http.ss. This will be the default page served by our http server.
Start the web server with the command `spark my-http.ss’. Now you can access index.html with the URL: http://localhost.
The forte of Fermion is not in serving static files, but in generating content dynamically based on user input or some other volatile parameter. Let us write a simple web application that will greet the user based on the time of the day.
;; file: greet.ss
(import (aura))
(define (greet new-uri state)
(((sgml
`(html
(body
(b ,(greeting-by-hour)))))
'text)))
(define (greeting-by-hour)
(let ((hour (date-hour (seconds->date (current-seconds)))))
(cond ((<= hour 12) "Good morning!")
((<= hour 17) "Good afternoon!")
(else "Good evening"))))
(list greet)
[/sourcecode]
The procedure <em>greet</em> will be executed by the web server, by passing it two arguments. <em>new-uri</em> will be a dynamically generated URI to which any further requests, like a form POST, should be send. <em>state</em> is a hash table that contains the current state of the session. For instance, it will contain values posted by previous requests. The web application exports a list of procedures that will be executed by Fermion, in the given order. Thus the programmer can design a web application as a sequence of operations, much like a normal console program. The <em>greet</em> sample also makes use of a library called <em>aura</em> which can be used to write SGML documents in Scheme syntax.
Fermion is a <em>secure </em>web server. It is possible to impose some control over HTTP requests by using configuration options. An example is given below:
(define httpd (web-server
(list 'port 8080 ;; Web server will listen on port 8080.
'session-timeout (* 2 60) ;; 2 minutes
'max-header-length (* 112 1024) ;; Size of request header
;; limited to 112kb.
'max-body-length (* 512 1024) ;; Size of request body limited to
;; 512kb.
'max-response-size (* 512 1024)))) ;; Size of response limited to
;; 512kb.
Fermion provide hooks where new procedures can be plugged-in to implement advanced security and compliance features. For instance, the following sample shows how to hook a procedure to check the length of the request URI. If the URI contain more than 512 characters, the request will be blocked.
(import (net)
(http-request-parser)
(http))
(define httpd (web-server))
;; The security hook procedure.
(define (check-uri-length httpd
client-connection
http-request)
(cond ((> (string-length (http-request-uri http-request)) 512)
(printf "Request URI too long. Closing connection.~n")
(flush-output)
(socket-close (connection-socket client-connection))
#f)
(else ;; Let the web server's request handler do its job.
#t)))
(web-server-hook! httpd 'before-handle-request check-uri-length)
(web-server-start httpd)
User defined policies can be applied on the response by using the ‘before-send-response hook.
I hope that Scheme hackers will find Fermion useful in their real-world web development tasks.
Links:
Fermion documentation.
(λ x. x x) (λ x. x x) 