Hardening Drupal with WebAssembly

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  1. spec

    WebAssembly for Proxies (ABI specification) (by proxy-wasm)

    Wasm Labs dev here :)

    In mod_wasm, there are some differences with a pure CGI implementation. When Apache boots, it loads the configuration and initializes the WasmVM. When a new HTTP request arrives, the VM is ready so you don't need to initialize a different process to manage it.

    You still need to process the request and pass the data to the Wasm module. This step is done via STDIN through the WebAssembly System Interface (WASI) implementation [0]. The same happens in the opposite direction, as the module returns the data via STDOUT.

    So, the CGI pattern is still there, but it doesn't require new processes and all the code runs in a sandbox.

    However this is not the only way you can run a Wasm module. In this specific case, we use CGI via WASI. In other cases, you may compile a module to fulfill a specific API, like ProxyWasm [1] to create HTTP filters for proxies like Envoy.

    - [0] https://wasi.dev/

    - [1] https://github.com/proxy-wasm/spec

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. wasi-libc

    WASI libc implementation for WebAssembly

    Wasm Labs dev here :)

    In mod_wasm, there are some differences with a pure CGI implementation. When Apache boots, it loads the configuration and initializes the WasmVM. When a new HTTP request arrives, the VM is ready so you don't need to initialize a different process to manage it.

    You still need to process the request and pass the data to the Wasm module. This step is done via STDIN through the WebAssembly System Interface (WASI) implementation [0]. The same happens in the opposite direction, as the module returns the data via STDOUT.

    So, the CGI pattern is still there, but it doesn't require new processes and all the code runs in a sandbox.

    However this is not the only way you can run a Wasm module. In this specific case, we use CGI via WASI. In other cases, you may compile a module to fulfill a specific API, like ProxyWasm [1] to create HTTP filters for proxies like Envoy.

    - [0] https://wasi.dev/

    - [1] https://github.com/proxy-wasm/spec

  4. php

    PHP compiled to WebAssembly (by wapm-packages)

    Is that possible, though? To compile PHP to WASM seems possible¹, but not sure if Drupal can be compiled: drupal does (did? back when I did Drupal it certainly did. I certainly did) some really funky metaprogramming and eval() stuff. Like keeping PHP in the database.

    ¹https://github.com/wapm-packages/php

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Unlocking Istio's Versatility: A Guide to WASM Plugins in Kubernetes

    5 projects | dev.to | 24 Jul 2023
  • Does Istio's WasmPlugin support proxy_on_grpc_call_close for WASM ABI spec?

    1 project | /r/istio | 24 Feb 2023
  • Extending Envoy with WebAssembly Proxy Filters

    2 projects | dev.to | 11 Jul 2022
  • A "Tiny" APISIX Plugin

    4 projects | dev.to | 27 Nov 2023
  • Show HN: Archgw: open-source, intelligent proxy for AI agents, built on Envoy

    5 projects | news.ycombinator.com | 19 Nov 2024