Alex Hisen wrote:
We've just finished a complete overhaul of http://
<http://aolserver.am.net/> aolserver.am.net/ and our entire company web
site. A much better look, better navigation and better organization of
content. We've also taken the opportunity to release some new C and Tcl
modules:
* ADP Master Pages Tcl Module
<http://aolserver.am.net/code/modules/masterpages.adpx> - implements
ASP.NET 2.0-style Master Pages under AOLserver 4.0
Thanks for sharing this with the community. It's been somewhat
depressing to see every php system include a simple templating system
but nothing really solid under AOLserver. (I know OpenACS has a
templating system but I didn't look at it long enough to grok all the
complexity therin, not to mention that it is tightly tied to OpenACS.)
One thought I had while looking at it is that it isn't really suitable
for letting untrusted users upload arbitrary master pages for
layout/styling/etc, as the users could then run scripts in the pages.
I thought to myself, wouldn't a controlled environment for ADPs be nice?
So I started looking at what it would take to add in a safe adp
execution mode, and I was happy to find that although it's not
documented, it already exists!
So a suggestion: it would be a nice enhancement to allow for untrusted
master pages that are run in safe mode. I'm not entirely sure what
behavior makes the most sense (i.e., what can and can not be in safe
mode) but the implementation should be pretty simple :)
-J
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]>
with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
