Hi Jeremy,

It's interesting that you choose to restrict javascript usage to make it 
more safe to share content. Thanks for the explanation.


On Sunday, March 5, 2017 at 3:25:01 PM UTC-5, Jeremy Ruston wrote:
> Hi Matt
> Just to add to the answers from others,
> I'm also somewhat confused about why we have javascript macros then, and 
> what the difference is there.
> The objective of TiddlyWiki’s security restrictions is to make it possible 
> to safely share content between users. That requires that JavaScript code 
> be clearly identified so that the recipient can decide whether to trust it 
> enough to execute it or not; if we allowed inline JavaScript within 
> fragments of wikitext then a recipient couldn’t know whether they could 
> safely render incoming wikitext.
> So, JavaScript macros are permitted because they are readily identified as 
> such, and can be blocked when required.
> The other factor in TiddlyWiki’s design that affects the use of third 
> party JavaScript libraries is that TiddlyWiki doesn’t support the 
> traditional web development paradigm of keeping state data in the DOM (this 
> is the paradigm popularised a decade ago by jQuery). Instead, TiddlyWiki 
> uses a virtual DOM and differential updates (this is the paradigm used by 
> recent frameworks like React). The net effect is that TiddlyWiki generally 
> doesn’t support just dropping in a <script> tag like traditional web pages. 
> Having said that, the TiddlyWiki plugin library contains numerous examples 
> of properly integrating third party libraries.
> Best wishes
> Jeremy

You received this message because you are subscribed to the Google Groups 
"TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to tiddlywiki+unsubscr...@googlegroups.com.
To post to this group, send email to tiddlywiki@googlegroups.com.
Visit this group at https://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to