File download is done by a standard GET request, using a URL from the FILE_INFO element. The file offset, if any, is given in the HTTP header.
TODO: is this right?
File upload is done using POST operations to a CGI program. A security mechanism prevents unauthorized upload of large amounts of data to the server. Two RPC operations are used.
1) Get file size
The request message has the form:
<file_size_req>filename</file_size_req>TODO: should have a separate <filename> tag
The reply message has the form:
<status>0</status> <nbytes>1234</nbytes>Where nbytes is 0 if the file doesn't exist. There are no security mechanisms.
2) Upload file
Request message format:
<file_info> ... <xml_signature> ... </xml_signature> </file_info> <nbytes>x</nbytes> <offset>x</offset> <data> ... (data)
The <file_info> element is the exact text sent from the scheduling server to the client. It includes a signature based on the project's file upload authentication key pair. <nbytes> is the amount of data being uploaded. <offset> is the offset within the file.
TODO: this should all be within a request tag
Reply message format:
<status>x</status> [ <error>bad file size</error> ]The status is zero if the operation succeeded.