Stuart Axon wrote:
A web front end that could show the output as svg or png would be cool.
this can be achieved with simple CGI to import Shoebot, run a script and return the image output. I ought to make a proof of concept for this...
one caveat: having a server accept scripts from outside is a big, big security liability. Shoebot wasn't written with these concerns in mind -- it's not a sandboxed environment, and one could feed the server a simple os.system('rm -rf ~'). Even though "Shoebot injection attack" sounds pretty cool :)
this definitely shouldn't stay in the way of anyone's hackings, but a safer approach would be to have a preset script, and the front-end would only give access to the variables. I mean variables specified with var(). Maybe we should call these 'live variables' or 'live values' to avoid confusion.
_______________________________________________ Shoebot-devel mailing list [email protected] http://lists.tinkerhouse.net/listinfo.cgi/shoebot-devel-tinkerhouse.net
