LesOrchard (talk | contribs) No edit summary |
LesOrchard (talk | contribs) No edit summary |
||
Line 69: | Line 69: | ||
== Miscellaneous notes == | == Miscellaneous notes == | ||
* [http://nodejs.org/docs/v0.3.1/api/vm.html#vm.runInNewContext Built-in node.js sandboxing features] | |||
* [http://gf3.github.com/sandbox/ Sandbox] to wrap JS execution in node.js? | |||
** Seems to have some more features than built-in node.js sandboxing | |||
** timeouts, restricted method access, graceful errors | |||
* Use standalone [http://embeddedjs.com/ embedded JS templates] instead of literals embedded in script? | * Use standalone [http://embeddedjs.com/ embedded JS templates] instead of literals embedded in script? | ||
** Employs code-in-markup instead of markup-in-code, and avoids the need for fancy compiler hijinx | ** Employs code-in-markup instead of markup-in-code, and avoids the need for fancy compiler hijinx | ||
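Review bot: the added sub-bullets under the Sandbox link ("timeouts, restricted method access, graceful errors") list what Sandbox offers, but the added bullet for the built-in vm.runInNewContext link does not say what it does or does not restrict. State explicitly whether the built-in option lacks each of those three features, since that comparison is what a reader needs in order to choose between them. The vm link is also pinned to the v0.3.1 docs, so note which node.js version the comparison was made against.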
Line 85: | Line 89: | ||
* Plentiful and intelligent HTTP-based caching | * Plentiful and intelligent HTTP-based caching | ||
Content gets edited on Kuma. Document views get proxied through node.js-based | |||
filter service that evaluates embedded template invocations. Communication | |||
between Kuma and node.js service is heavily cached, stateless HTTP. | |||
'''DRAWRINGS GO HERE''' | |||
=== Sandboxed | === Code samples (imaginary) === | ||
Inline expressions limited to invoking long-form templates, rather than | |||
free-form scripting. Still looks familiar, though:<pre> | |||
<li>The <code>value</code> attribute of {{HTMLElement("li")}} now can be | |||
negative as specified in HTML5. Previously negative values were converted | |||
to 0.</li> | |||
</pre> | |||
Long-form templates become [https://github.com/visionmedia/ejs embedded JS templates], | |||
something like this:<pre> | |||
<% | |||
/* accepts as input one required parameter: HTML element to create a xref to */ | |||
var uri = uri.parts(Page.uri); | |||
var lang = string.tolower(uri.path[0]); | |||
if (string.contains(lang, "project") || string.contains(lang, "Project")) { | |||
let lang = string.substr(lang, 8); | |||
} | |||
/* fall back to page.language on a user page */ | |||
else if (string.StartsWith(lang, "user:")) { | |||
let lang = page.language; | |||
} | |||
var name = arguments[0]; | |||
var sectionname = "Element"; | |||
if (!string.compare("es", string.tolower(lang))) { | |||
sectionname = "Elemento"; | |||
} | |||
if (args.title) { | |||
name = args.title; | |||
} | |||
var dest = lang + '/' + 'HTML/' + sectionname + '/' + name; | |||
var destEng = 'en/HTML/Element/' + name; | |||
if (wiki.pageExists(dest)) { /* the page exists */ | |||
%> <code><%- web.link(wiki.uri(dest), '<' + name + '>')) %></code> <% | |||
} else if (lang == 'zh_tw' && wiki.pageExists(destEng)){ | |||
/* the MozTW community consider links to English pages better than red ones. | |||
I'll write about this to mozilla.dev.mdc later */ | |||
%> <code><%- web.link(wiki.uri(destEng), '<' + name + '>')) %></code> <%; | |||
} else { /* the page doesn't exist */ | |||
var targeturi = "https://developer.mozilla.org/Article_not_found?uri=" .. dest; | |||
%> <code><a rel="internal" href="<%= targeturi %>" class="new"><%- web.text('<' .. name .. '>') %></a></code> <% | |||
} | |||
%> | |||
</pre> | |||
=== Sandboxed JavaScript execution === | |||
* Can this be done in a way that restricts file, network, memory, and CPU usage? | * Can this be done in a way that restricts file, network, memory, and CPU usage? | ||
* | ** Anything else dangerous and in need of restriction? | ||
** | * Options inside node.js | ||
* No filesystem access at all (chroot?) | ** node.js has sandboxing out-of-the-box, and there's [http://gf3.github.com/sandbox/ Sandbox] | ||
* Whitelisted network access (firewall rules?) | ** There's also [http://gf3.github.com/sandbox/ Sandbox] | ||
* Limited execution time (kill the process after 30 sec?) | * Options for host running node.js | ||
* Limited memory usage (kill the process after 10MB consumed?) | ** No filesystem access at all (chroot?) | ||
* Auto-disable script if abuse detected | ** Whitelisted network access (firewall rules?) | ||
** Limited execution time (kill the process after 30 sec?) | |||
** Limited memory usage (kill the process after 10MB consumed?) | |||
** Auto-disable script if abuse detected? |
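Review bot: in the long-form template sample, `name` comes straight from the template arguments (`arguments[0]` or `args.title`), is written out through the unescaped `<%- web.link(...) %>` form, and is concatenated into `targeturi` without URL-encoding. The sample should say which layer escapes it (the `web.link` and `web.text` helpers, or the template itself) and should encode `dest` before it goes into the `uri=` query parameter. The sample is also not valid JavaScript as written: `..` is used for concatenation in the `targeturi` and `web.text` lines, `let lang = ...` inside the `if` branches declares a new block-scoped variable instead of assigning to the outer `var lang`, `var uri = uri.parts(Page.uri)` reuses the name of the `uri` helper it calls, both `web.link(...)` lines carry an extra closing parenthesis, and `Page.uri` / `page.language` and `arguments[0]` / `args.title` are used inconsistently. In the rewritten sandbox list, the first bullet under "Options inside node.js" already links Sandbox and the next bullet links it again; drop the duplicate or point the first bullet at the built-in sandboxing docs instead.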