Hi Nathan, Am 17.02.2008 um 18:18 schrieb Nathan Weizenbaum: > Very cool idea, but don't you think you're kind of re-inventing the > wheel? This is exactly what _why's freaky freaky sandbox > (http://code.whytheluckystiff.net/sandbox/) is for, and that's been > more > extensively verified.
I guess if my safemode plugin was a wheel than why's freaky sandbox probably would be ... errr .. a Dodge Challenger maybe? Yeah, if we could rely on freaky sandbox that certainly would suite well as a solid foundation to cut access to system resources. But for one thing in templates we need higher level access control. An application will want to control access to certain model attributes and allow access e.g. to a user name but not the password. That's what Liquid does with its so called drops. I'm pretty sure this level of control would need to be added on top of freaky sandbox, too. Also (maybe more importantly) freaky sandbox needs a patched Ruby version, so we can't rely on it for this in applications like Mephisto. ParseTree and Ruby2ruby are available as gems (and there's an upcoming RubyParser which only relies on Ruby itself, other than ParseTree - I haven't been able to get it working within Rails, though). That said, if there already are more extensively tested solutions I'm totally open to drop my stuff and use them. I'm just craving for a sane template solution for themes (and I believe, I'm not alone with this ;) > Sven Fuchs wrote: >> I've been playing with an experimental implementation of a Haml >> safemode plugin for the last two weeks or so and I think it's time to >> get some feedback from a larger audience. >> >> The purpose of this effort is that I'd like to see an alternative to >> Liquid as a template engine for themes in applications like Mephisto. >> The problem at hand is, of course, that such a template engine has to >> be pretty restrictive in what it allows templates to do. Haml just >> evaluates Ruby code, so it isn't an option. But on the other hand >> Haml >> totally rocks while Liquid really doesn't in quite some regards. So, >> this is an attemp to combine some of both worlds. >> >> Feedback highly appreciated! :) >> >> >> [1] the code: >> http://svn.artweb-design.de/stuff/rails/haml_safemode >> >> [2] latest blog post about the plugin: >> Sending Ruby to the jail: an attemp on a Haml Safemode >> http://www.artweb-design.de/2008/2/17/sending-ruby-to-the-jail-an-attemp-on-a-haml-safemode >> >> [3] initial, excited speculations about the feasibility of this: >> Sexy Theme Templating with Haml Safemode! Finally ... >> http://www.artweb-design.de/2008/2/5/sexy-theme-templating-with-haml-safemode-finally >> >> >> >> >> -- >> sven fuchs [EMAIL PROTECTED] >> artweb design http://www.artweb-design.de >> grünberger 65 + 49 (0) 30 - 47 98 69 96 (phone) >> d-10245 berlin + 49 (0) 171 - 35 20 38 4 (mobile) >> >> >> >> >>> >> >> > > > > -- sven fuchs [EMAIL PROTECTED] artweb design http://www.artweb-design.de grünberger 65 + 49 (0) 30 - 47 98 69 96 (phone) d-10245 berlin + 49 (0) 171 - 35 20 38 4 (mobile) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Haml" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/haml?hl=en -~----------~----~----~----~------~----~------~--~---
