Installation Part I
BystroTeX consists of the frontend (Racket) and backend (Java). The Java part works
like a server. It is actually an HTTP server. It listens on some port on the localhost.
We will start with setting up this server.1 Install JDK, SBT and Git
To install the server, you will need to install the following things on your computer:
2 Build things
Now execute the following commands:
git clone https://github.com/amkhlv/LaTeX2SVGServer
cd LaTeX2SVGServer
sbt assembly
This will take some time, as various libraries will have to be downloaded (and saved in ~/.ivy2 and ~/.sbt).
After that, the following JAR file will appear:
latex2svgserver.jar
3 Run
Our Java server will communicate to the Racket frontend some initial settings (including the anti-CSRF token) by writing them into an XML file. You have to decide how it should name this file and where to put it. Suppose that you decided to call it bystroConf.xml, and choosen some directory where it will be:
/path/to/bystroConf.xml
Under this assumption, start the server by typing the following command:
java -DbystroFile=/path/to/bystroConf.xml -Dbibfile=/path/to/yourBibTeXfile.bib -Dhttp.port=11111 -Dhttp.address=127.0.0.1 -jar latex2svgserver.jar
(Yes, you need to supply a BibTeX file. It may be empty.)
The port number 11111 is also up to you to choose. The frontend will know it because it will be written (among other things) to /path/to/bystroConf.xml
Now the server is running.
Notice that we specified the option -Dhttp.address=127.0.0.1. Therefore the server is only listening on a local interface (the “loopback”); it is not possible to connect to it from the outside. However, it would be still possible to attack it from a running browser by CSRF. Our defense is token and custom header. Should CSRF somehow succeed in spite of these measures, actually exploiting it would require a vulnerability in JLaTeXMath.