You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by Lars Trieloff <la...@trieloff.net> on 2008/02/20 14:33:47 UTC
How to I chmod -x on Javascript files
Hi,
I have been developing a Dojo Store binding for µjax that allows you
to bind your Sling repository quite quickly to a Dojo widget such as a
tree browser or a grid. Basically, all you need to do is adding those
lines to an HTML file:
<script type="text/javascript">
dojo.require("dijit.Tree");
dojo.require("dojox.data.UJaxStore");
</script>
<div dojoType="dojox.data.UJaxStore" url="/test" jsId="ifrUjaxStore"></
div>
<div dojoType="dijit.Tree" id="tree2" label="Root"
store="ifrUjaxStore"></div>
What you get looks like this: http://www.youtube.com/watch?
v=wwlZlWvrkGo which is also quite nice (you have deferred loading, it
stores the expansion state of the tree, etc) and demonstrates the
capabilities of Sling and Dojo quite well.
Of couse, I am planning to integrate this with Peter's Bunkai (he
already has the code), but here we expect the first problems. I wanted
to browse the dojo source tree itself, which contains lots of js
files. Everything is fine if you access the source file directly, but
I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
because Sling tries to execute the JS script then and gives me
following error message:
org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
So my question is how do I define subtrees that are not executable,
even if they contain a script. I think microsling originally had a
convention that only scripts in /scripts were actually executable, but
the current code deviates from this convention.
regards,
Lars
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How do I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
Btw, in order to be able to browse the whole repository, it would be
cool if anyone could look at SLING-250.
regards,
Lars
On 20.02.2008, at 14:33, Lars Trieloff wrote:
> Hi,
>
> I have been developing a Dojo Store binding for µjax that allows you
> to bind your Sling repository quite quickly to a Dojo widget such as
> a tree browser or a grid. Basically, all you need to do is adding
> those lines to an HTML file:
>
> <script type="text/javascript">
> dojo.require("dijit.Tree");
> dojo.require("dojox.data.UJaxStore");
> </script>
> <div dojoType="dojox.data.UJaxStore" url="/test"
> jsId="ifrUjaxStore"></div>
> <div dojoType="dijit.Tree" id="tree2" label="Root"
> store="ifrUjaxStore"></div>
>
> What you get looks like this: http://www.youtube.com/watch?v=wwlZlWvrkGo
> which is also quite nice (you have deferred loading, it stores the
> expansion state of the tree, etc) and demonstrates the capabilities
> of Sling and Dojo quite well.
>
> Of couse, I am planning to integrate this with Peter's Bunkai (he
> already has the code), but here we expect the first problems. I
> wanted to browse the dojo source tree itself, which contains lots of
> js files. Everything is fine if you access the source file directly,
> but I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> because Sling tries to execute the JS script then and gives me
> following error message:
>
> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>
> So my question is how do I define subtrees that are not executable,
> even if they contain a script. I think microsling originally had a
> convention that only scripts in /scripts were actually executable,
> but the current code deviates from this convention.
>
> regards,
>
> Lars
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: Change server side JavaScript extension to ecma (was: How to I chmod -x on Javascript files)
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Fri, Feb 22, 2008 at 7:58 AM, Felix Meschberger <fm...@gmail.com> wrote:
> ... Basically, both .ecma and .es are ok for me. But then "es" sounds much
> like the two-letter country code for Spain ...
I'd be fine with .ecma as well. Unless someone wants to suggest .ch ?
-Bertrand (ducks and runs)
Re: Change server side JavaScript extension to ecma (was: How to I
chmod -x on Javascript files)
Posted by Felix Meschberger <fm...@gmail.com>.
Hi all,
Basically, both .ecma and .es are ok for me. But then "es" sounds much
like the two-letter country code for Spain ...
Regards
Felix
Am Donnerstag, den 21.02.2008, 18:10 +0100 schrieb David Nuescheler:
> hi guys,
>
> as I mentioned in the other thread, I think the primary
> issue is with making sure to delegate all the exact matches
> in the repository to "static" webdav delivery.
>
> I think that renaming the server-side ecma script stuff is great
> and should be done as soon as possible ;)
> I only have a very smallish bias for ".ecma" over ".es"
>
> regards,
> david
>
> On 2/21/08, Bertrand Delacretaz <bd...@apache.org> wrote:
> > On Thu, Feb 21, 2008 at 4:50 PM, Tobias Bocanegra
> > <to...@day.com> wrote:
> > > +1 good idea. but would be ".es" a better extension?
> >
> >
> > Agree with .es
> >
> >
> > -Bertrand
> >
Re: Change server side JavaScript extension to ecma (was: How to I chmod -x on Javascript files)
Posted by David Nuescheler <da...@day.com>.
hi guys,
as I mentioned in the other thread, I think the primary
issue is with making sure to delegate all the exact matches
in the repository to "static" webdav delivery.
I think that renaming the server-side ecma script stuff is great
and should be done as soon as possible ;)
I only have a very smallish bias for ".ecma" over ".es"
regards,
david
On 2/21/08, Bertrand Delacretaz <bd...@apache.org> wrote:
> On Thu, Feb 21, 2008 at 4:50 PM, Tobias Bocanegra
> <to...@day.com> wrote:
> > +1 good idea. but would be ".es" a better extension?
>
>
> Agree with .es
>
>
> -Bertrand
>
Re: Change server side JavaScript extension to ecma (was: How to I chmod -x on Javascript files)
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Thu, Feb 21, 2008 at 4:50 PM, Tobias Bocanegra
<to...@day.com> wrote:
> +1 good idea. but would be ".es" a better extension?
Agree with .es
-Bertrand
Re: Change server side JavaScript extension to ecma (was: How to I chmod -x on Javascript files)
Posted by Tobias Bocanegra <to...@day.com>.
+1 good idea. but would be ".es" a better extension?
".jsp" <--> ".esp"
".js" <--> ".es"
regards, toby
On 2/21/08, Felix Meschberger <fm...@gmail.com> wrote:
> Hi all,
>
> Currently the extension ".js" is used as an extension for JavaScript
> files, regardless of whether they are intended to be executed on the
> server or client side. This might cause confusion for developers and
> might present problems when accessing such scripts to get them for
> client-side execution.
>
> I propose to acknowledge the ".js" extension to be used only for
> client-side scripts and to use ".ecma" for server side JavaScript files.
>
> WDYT ?
>
> Regards
>
> Felix
>
>
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Change server side JavaScript extension to ecma (was: How to I
chmod -x on Javascript files)
Posted by Felix Meschberger <fm...@gmail.com>.
Hi all,
Currently the extension ".js" is used as an extension for JavaScript
files, regardless of whether they are intended to be executed on the
server or client side. This might cause confusion for developers and
might present problems when accessing such scripts to get them for
client-side execution.
I propose to acknowledge the ".js" extension to be used only for
client-side scripts and to use ".ecma" for server side JavaScript files.
WDYT ?
Regards
Felix
Re: Support for direct script addressing (was: How to I chmod -x on Javascript files)
Posted by Tobias Bocanegra <to...@day.com>.
[x] Don't ever execute directly addressed scripts
[ ] Execute if some of the selectors has a certain value (e.g. last
selector is "exec")
[ ] Execute if there is an extension
[ ] Execute unless there is a special request header (e.g. X-Sling-Exec)
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: Support for direct script addressing (was: How to I chmod -x
on Javascript files)
Posted by Felix Meschberger <fm...@gmail.com>.
Hi Lars,
Issue would be nice, yes.
Regards
Felix
Am Montag, den 25.02.2008, 14:11 +0100 schrieb Lars Trieloff:
> Should I file a bug for this issue? I think everybody has voted on not
> executing scripts, so I think we are ready for a bug.
>
> Lars
>
> On 22.02.2008, at 14:03, Lars Trieloff wrote:
>
> > Hi Felix,
> >
> > you know my position, and I hope the vote is not yet closed,
> >
> > On 21.02.2008, at 16:52, Felix Meschberger wrote:
> >
> >> [x] Don't ever excute directly addressed scripts
> >> [ ] Execute if some of the selectors has a certain value
> >> (e.g. last selector is "exec")
> >> [ ] Execute if there is an extension
> >> [ ] Execute unless there is a special request header
> >> (e.g. X-Sling-Exec)
> >
> >
> >
> >
> > regards,
> >
> > Lars
> >
> > --
> > Lars Trieloff
> > lars@trieloff.net
> > http://weblogs.goshaky.com/weblogs/lars
> >
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
Re: Support for direct script addressing (was: How to I chmod -x on Javascript files)
Posted by Lars Trieloff <la...@trieloff.net>.
Should I file a bug for this issue? I think everybody has voted on not
executing scripts, so I think we are ready for a bug.
Lars
On 22.02.2008, at 14:03, Lars Trieloff wrote:
> Hi Felix,
>
> you know my position, and I hope the vote is not yet closed,
>
> On 21.02.2008, at 16:52, Felix Meschberger wrote:
>
>> [x] Don't ever excute directly addressed scripts
>> [ ] Execute if some of the selectors has a certain value
>> (e.g. last selector is "exec")
>> [ ] Execute if there is an extension
>> [ ] Execute unless there is a special request header
>> (e.g. X-Sling-Exec)
>
>
>
>
> regards,
>
> Lars
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: Support for direct script addressing (was: How to I chmod -x on Javascript files)
Posted by "Roy T. Fielding" <fi...@gbiv.com>.
I think executing a script upon GET of a URI should only be possible
on generated (symlink or alias) URIs that are specifically configured
for that purpose and have separate access control from the URIs used
to edit/view those scripts. This follows the same practice used in
Web servers with CGI scripts.
....Roy
Re: Support for direct script addressing (was: How to I chmod -x on Javascript files)
Posted by Lars Trieloff <la...@trieloff.net>.
Hi Felix,
you know my position, and I hope the vote is not yet closed,
On 21.02.2008, at 16:52, Felix Meschberger wrote:
> [x] Don't ever excute directly addressed scripts
> [ ] Execute if some of the selectors has a certain value
> (e.g. last selector is "exec")
> [ ] Execute if there is an extension
> [ ] Execute unless there is a special request header
> (e.g. X-Sling-Exec)
regards,
Lars
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: Support for direct script addressing (was: How to I chmod -x on Javascript files)
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Thu, Feb 21, 2008 at 4:52 PM, Felix Meschberger <fm...@gmail.com> wrote:
> ... I would like to poll you opinions on this matter:
>
> [X ] Don't ever excute directly addressed scripts
And we can add one of those options later, if we ever need them:
> [ ] Execute if some of the selectors has a certain value
> (e.g. last selector is "exec")
> [ ] Execute unless there is a special request header
> (e.g. X-Sling-Exec)
-Bertrand
Support for direct script addressing (was: How to I chmod -x on
Javascript files)
Posted by Felix Meschberger <fm...@gmail.com>.
Hi all,
As a side effect of the Resource tree stuff we recently implemented, it
is now possible to address server-side scripts and have them executed
without the need to create some repository node with a resource type
pointing to the script. This may be of use in certain administrative use
cases.
Currently, this direct execution is only possible if the request
contains an extension. That is, for a given script /path/script.esp, the
script will only be executed when requested as
http://host/path/script.esp.html. If requested as
http://host/path/script.esp, the script would not be executed but
treated as any resource would be.
This though leaves to problems discussed in this thread if the script
resource itself is to be rendered. So I switched of this self-executing
functionality for now (it is not used anyway AFAIK, and directly
addressed servlets are not influenced as the resource type of servlets
points to the servlet itself).
I would like to poll you opinions on this matter:
[ ] Don't ever excute directly addressed scripts
[ ] Execute if some of the selectors has a certain value
(e.g. last selector is "exec")
[ ] Execute if there is an extension
[ ] Execute unless there is a special request header
(e.g. X-Sling-Exec)
Thanks and Regards
Felix
Re: How to I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
Hi Toby,
sorry, this does not work. I can send you the dojo bundle I created
for illustration. Basically I would like to explore the whole
repository structure using µjax. I cannot skip the .js .esp or .es
or .ecma files, because it is just these files that I am interested in
(Bunkai is going to be a web-based IDE for Sling).
The question for me is: should be implement a selector that makes
scripts non-executable or (from my point preferred) executable, so
that you would use
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.exec.html
or
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.noexec.json
or (and this would be the least preferred way) to introduce a header
like
X-Sling-Excecute: No
that µsling or the Dojo Store I wrote could use by default.
regards,
Lars
On 20.02.2008, at 19:42, Tobias Bocanegra wrote:
> if a script is stored as nt:file, it can be retrieved as such, using
> the direct url. eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js
>
> if you need to execute it on the server, you need to add some
> extension. eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.html
>
> afaik the current extension mapping does not allow override of the
> default behavior of scripts. so:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json
>
> does not work.
>
> however, i think that it would be good to differentiate between client
> and server sided scripts.
> most common is ".js" though of a client sided script, so should never
> be executed on the server.
> ".esp" is somehow a jsp derivate that includes a parser for the <% %>
> tags. if a pure ecma script is to be executed on the server, it would
> call them ".es". the question is where the output will go?
> probably to system.out or to some execution context writer.
>
> my suggestion is to remove the ".js" mapping to rhino scripts and
> replace it with the ".es" extension.
>
> WDYT ?
> regards, toby
>
> On 2/20/08, Lars Trieloff <la...@trieloff.net> wrote:
>> Another hackish solution would be the introduction of a do-not-
>> execute
>> header or selector or request parameters.
>>
>> The main problem is the ambiguity that these PHP-style scripts
>> introduce, which itselfs leads to a hackish programming style.
>>
>> On 20.02.2008, at 18:42, Peter Svensson wrote:
>>
>>> One hackish solution could be for Bunkai to save the scripts
>>> as .esp.src or
>>> somethin like that, and then I could have a "deplot" button (which
>>> could
>>> work hierarchically) which just copies those files to .esp
>>> extensions.
>>>
>>> Cheers,
>>> PS
>>>
>>> On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
>>> wrote:
>>>
>>>> After thinking a bit about it, I think that neither renaming
>>>> server-
>>>> side scripts to ecma nor having a designated /apps or /libs path
>>>> nor
>>>> having an executable bit would solve my problem in the light of
>>>> Bunkai, where you actually want to edit the scripts you are going
>>>> to
>>>> execute later.
>>>>
>>>> I do not really understand yet when scripts are supposed to be
>>>> executed on request and where this behavior is desired (it feels a
>>>> bit
>>>> like PHP to me)
>>>>
>>>> regards,
>>>>
>>>> Lars
>>>>
>>>> On 20.02.2008, at 15:37, Felix Meschberger wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
>>>>>> I was unable to get the JSON representation (curl -u admin:admin
>>>> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
>>>>>> because Sling tries to execute the JS script then and gives me
>>>>>> following error message:
>>>>>>
>>>>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
>>>>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>>>>>
>>>>> Yes, we execute a resource, which adapts to Servlet, if the
>>>>> request
>>>>> has
>>>>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
>>>>> (no
>>>>> extension) is not executed by the given request is executed
>>>>> (extension
>>>>> json).
>>>>>
>>>>> This collision between streaming the script and executing the
>>>>> script
>>>>> is
>>>>> an issue only with .js files AFAIK. The reason for this is, that
>>>>> the
>>>>> JavaScript ScriptEngineFactory is registered for .js and .esp
>>>>> files.
>>>>>
>>>>> We might fix this by using .ecma instead of .js for server-side
>>>>> JavaScript files.
>>>>>
>>>>> WDYT ?
>>>>>
>>>>>>
>>>>>> So my question is how do I define subtrees that are not
>>>>>> executable,
>>>>>> even if they contain a script. I think microsling originally
>>>>>> had a
>>>>>> convention that only scripts in /scripts were actually
>>>>>> executable,
>>>>>> but
>>>>>> the current code deviates from this convention.
>>>>>
>>>>> This depends from where you are looking from: I would say,
>>>>> microsling
>>>>> devaiated from Sling in that respect ;-)
>>>>>
>>>>> Regards
>>>>> Felix
>>>>>
>>>>
>>>> --
>>>> Lars Trieloff
>>>> lars@trieloff.net
>>>> http://weblogs.goshaky.com/weblogs/lars
>>>>
>>>>
>>
>> --
>> Lars Trieloff
>> lars@trieloff.net
>> http://weblogs.goshaky.com/weblogs/lars
>>
>>
>>
>
>
> --
> -----------------------------------------< tobias.bocanegra@day.com
> >---
> Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001
> Basel
> T +41 61 226 98 98, F +41 61 226 98 97
> -----------------------------------------------< http://www.day.com
> >---
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How to I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
You can get the contents of the script by accessing it directly,
without any additional extensions or selectors, so
something.es = the ES script
something.es.xyz = the ES scripts output (provided there is a script
engine registered for *.es)
But what I need is the list of properties and child nodes of
something.es (which is a nt:file anyway if you create it with WebDAV),
so that does not work.
regards,
Lars
On 20.02.2008, at 19:49, Peter Svensson wrote:
> Do I understand correctly that it would be possible to get the
> contents of
> an .es script without executing it, by setting the resource type to
> nt:file?
> Then I'd +1, absolutely.
>
> Cheers,
> PS
>
> On Wed, Feb 20, 2008 at 7:42 PM, Tobias Bocanegra <tobias.bocanegra@day.com
> >
> wrote:
>
>> if a script is stored as nt:file, it can be retrieved as such, using
>> the direct url. eg:
>>
>> http://localhost:8888/dojo/dojo/AdapterRegistry.js
>>
>> if you need to execute it on the server, you need to add some
>> extension.
>> eg:
>>
>> http://localhost:8888/dojo/dojo/AdapterRegistry.js.html
>>
>> afaik the current extension mapping does not allow override of the
>> default behavior of scripts. so:
>>
>> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json
>>
>> does not work.
>>
>> however, i think that it would be good to differentiate between
>> client
>> and server sided scripts.
>> most common is ".js" though of a client sided script, so should never
>> be executed on the server.
>> ".esp" is somehow a jsp derivate that includes a parser for the <% %>
>> tags. if a pure ecma script is to be executed on the server, it would
>> call them ".es". the question is where the output will go?
>> probably to system.out or to some execution context writer.
>>
>> my suggestion is to remove the ".js" mapping to rhino scripts and
>> replace it with the ".es" extension.
>>
>> WDYT ?
>> regards, toby
>>
>> On 2/20/08, Lars Trieloff <la...@trieloff.net> wrote:
>>> Another hackish solution would be the introduction of a do-not-
>>> execute
>>> header or selector or request parameters.
>>>
>>> The main problem is the ambiguity that these PHP-style scripts
>>> introduce, which itselfs leads to a hackish programming style.
>>>
>>> On 20.02.2008, at 18:42, Peter Svensson wrote:
>>>
>>>> One hackish solution could be for Bunkai to save the scripts
>>>> as .esp.src or
>>>> somethin like that, and then I could have a "deplot" button (which
>>>> could
>>>> work hierarchically) which just copies those files to .esp
>>>> extensions.
>>>>
>>>> Cheers,
>>>> PS
>>>>
>>>> On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
>>>> wrote:
>>>>
>>>>> After thinking a bit about it, I think that neither renaming
>>>>> server-
>>>>> side scripts to ecma nor having a designated /apps or /libs path
>>>>> nor
>>>>> having an executable bit would solve my problem in the light of
>>>>> Bunkai, where you actually want to edit the scripts you are
>>>>> going to
>>>>> execute later.
>>>>>
>>>>> I do not really understand yet when scripts are supposed to be
>>>>> executed on request and where this behavior is desired (it feels a
>>>>> bit
>>>>> like PHP to me)
>>>>>
>>>>> regards,
>>>>>
>>>>> Lars
>>>>>
>>>>> On 20.02.2008, at 15:37, Felix Meschberger wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
>>>>>>> I was unable to get the JSON representation (curl -u admin:admin
>>>>> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
>>>>>>> because Sling tries to execute the JS script then and gives me
>>>>>>> following error message:
>>>>>>>
>>>>>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
>>>>>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>>>>>>
>>>>>> Yes, we execute a resource, which adapts to Servlet, if the
>>>>>> request
>>>>>> has
>>>>>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
>>>>>> (no
>>>>>> extension) is not executed by the given request is executed
>>>>>> (extension
>>>>>> json).
>>>>>>
>>>>>> This collision between streaming the script and executing the
>>>>>> script
>>>>>> is
>>>>>> an issue only with .js files AFAIK. The reason for this is,
>>>>>> that the
>>>>>> JavaScript ScriptEngineFactory is registered for .js and .esp
>>>>>> files.
>>>>>>
>>>>>> We might fix this by using .ecma instead of .js for server-side
>>>>>> JavaScript files.
>>>>>>
>>>>>> WDYT ?
>>>>>>
>>>>>>>
>>>>>>> So my question is how do I define subtrees that are not
>>>>>>> executable,
>>>>>>> even if they contain a script. I think microsling originally
>>>>>>> had a
>>>>>>> convention that only scripts in /scripts were actually
>>>>>>> executable,
>>>>>>> but
>>>>>>> the current code deviates from this convention.
>>>>>>
>>>>>> This depends from where you are looking from: I would say,
>>>>>> microsling
>>>>>> devaiated from Sling in that respect ;-)
>>>>>>
>>>>>> Regards
>>>>>> Felix
>>>>>>
>>>>>
>>>>> --
>>>>> Lars Trieloff
>>>>> lars@trieloff.net
>>>>> http://weblogs.goshaky.com/weblogs/lars
>>>>>
>>>>>
>>>
>>> --
>>> Lars Trieloff
>>> lars@trieloff.net
>>> http://weblogs.goshaky.com/weblogs/lars
>>>
>>>
>>>
>>
>>
>> --
>> -----------------------------------------< tobias.bocanegra@day.com
>> >---
>> Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001
>> Basel
>> T +41 61 226 98 98, F +41 61 226 98 97
>> -----------------------------------------------< http://www.day.com
>> >---
>>
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How to I chmod -x on Javascript files
Posted by Peter Svensson <ps...@gmail.com>.
Do I understand correctly that it would be possible to get the contents of
an .es script without executing it, by setting the resource type to nt:file?
Then I'd +1, absolutely.
Cheers,
PS
On Wed, Feb 20, 2008 at 7:42 PM, Tobias Bocanegra <to...@day.com>
wrote:
> if a script is stored as nt:file, it can be retrieved as such, using
> the direct url. eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js
>
> if you need to execute it on the server, you need to add some extension.
> eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.html
>
> afaik the current extension mapping does not allow override of the
> default behavior of scripts. so:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json
>
> does not work.
>
> however, i think that it would be good to differentiate between client
> and server sided scripts.
> most common is ".js" though of a client sided script, so should never
> be executed on the server.
> ".esp" is somehow a jsp derivate that includes a parser for the <% %>
> tags. if a pure ecma script is to be executed on the server, it would
> call them ".es". the question is where the output will go?
> probably to system.out or to some execution context writer.
>
> my suggestion is to remove the ".js" mapping to rhino scripts and
> replace it with the ".es" extension.
>
> WDYT ?
> regards, toby
>
> On 2/20/08, Lars Trieloff <la...@trieloff.net> wrote:
> > Another hackish solution would be the introduction of a do-not-execute
> > header or selector or request parameters.
> >
> > The main problem is the ambiguity that these PHP-style scripts
> > introduce, which itselfs leads to a hackish programming style.
> >
> > On 20.02.2008, at 18:42, Peter Svensson wrote:
> >
> > > One hackish solution could be for Bunkai to save the scripts
> > > as .esp.src or
> > > somethin like that, and then I could have a "deplot" button (which
> > > could
> > > work hierarchically) which just copies those files to .esp extensions.
> > >
> > > Cheers,
> > > PS
> > >
> > > On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
> > > wrote:
> > >
> > >> After thinking a bit about it, I think that neither renaming server-
> > >> side scripts to ecma nor having a designated /apps or /libs path nor
> > >> having an executable bit would solve my problem in the light of
> > >> Bunkai, where you actually want to edit the scripts you are going to
> > >> execute later.
> > >>
> > >> I do not really understand yet when scripts are supposed to be
> > >> executed on request and where this behavior is desired (it feels a
> > >> bit
> > >> like PHP to me)
> > >>
> > >> regards,
> > >>
> > >> Lars
> > >>
> > >> On 20.02.2008, at 15:37, Felix Meschberger wrote:
> > >>
> > >>> Hi,
> > >>>
> > >>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> > >>>> I was unable to get the JSON representation (curl -u admin:admin
> > >> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> > >>>> because Sling tries to execute the JS script then and gives me
> > >>>> following error message:
> > >>>>
> > >>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> > >>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> > >>>
> > >>> Yes, we execute a resource, which adapts to Servlet, if the request
> > >>> has
> > >>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
> > >>> (no
> > >>> extension) is not executed by the given request is executed
> > >>> (extension
> > >>> json).
> > >>>
> > >>> This collision between streaming the script and executing the script
> > >>> is
> > >>> an issue only with .js files AFAIK. The reason for this is, that the
> > >>> JavaScript ScriptEngineFactory is registered for .js and .esp files.
> > >>>
> > >>> We might fix this by using .ecma instead of .js for server-side
> > >>> JavaScript files.
> > >>>
> > >>> WDYT ?
> > >>>
> > >>>>
> > >>>> So my question is how do I define subtrees that are not executable,
> > >>>> even if they contain a script. I think microsling originally had a
> > >>>> convention that only scripts in /scripts were actually executable,
> > >>>> but
> > >>>> the current code deviates from this convention.
> > >>>
> > >>> This depends from where you are looking from: I would say,
> > >>> microsling
> > >>> devaiated from Sling in that respect ;-)
> > >>>
> > >>> Regards
> > >>> Felix
> > >>>
> > >>
> > >> --
> > >> Lars Trieloff
> > >> lars@trieloff.net
> > >> http://weblogs.goshaky.com/weblogs/lars
> > >>
> > >>
> >
> > --
> > Lars Trieloff
> > lars@trieloff.net
> > http://weblogs.goshaky.com/weblogs/lars
> >
> >
> >
>
>
> --
> -----------------------------------------< tobias.bocanegra@day.com >---
> Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
> T +41 61 226 98 98, F +41 61 226 98 97
> -----------------------------------------------< http://www.day.com >---
>
Re: How to I chmod -x on Javascript files
Posted by David Nuescheler <da...@day.com>.
Hi guys,
> > > Executing a resource as a script is just another way of rendering
> > > a representation to be sent to the client.
> > thats what's this all about :-)
> Exactly. I don't understand why people seem to consider
> "executability" as some kind of special property that needs custom
> support when the standard Sling features are quite enough to cover
> that use case.
After thinking things through a bit again, I think that the custom "exec"
selector would be the best solution. But as Jukka pointed out, this is just
a convenience thing, to avoid having to create a node with a resourcetype
that points to your script.
Personally, I think we can turn it off for now.
regards,
david
Re: How to I chmod -x on Javascript files
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Fri, Feb 22, 2008 at 12:41 AM, Tobias Bocanegra
<to...@day.com> wrote:
> > Executing a resource as a script is just another way of rendering
> > a representation to be sent to the client.
> thats what's this all about :-)
Exactly. I don't understand why people seem to consider
"executability" as some kind of special property that needs custom
support when the standard Sling features are quite enough to cover
that use case.
BR,
Jukka Zitting
Re: How to I chmod -x on Javascript files
Posted by Tobias Bocanegra <to...@day.com>.
> > > Why can't you just attach the special sling:resourceType to the test.jsp node?
> > hmm.. that might work. so actually the 'x-flag' on the script. but
> > then you're not able to
> > address the script anymore via webdav in order to get it's content
>
>
> Or you could use a normal selector. Executing a resource as a script
> is just another way of rendering a representation to be sent to the
> client.
thats what's this all about :-)
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: How to I chmod -x on Javascript files
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Thu, Feb 21, 2008 at 11:23 PM, Tobias Bocanegra
<to...@day.com> wrote:
> > Why can't you just attach the special sling:resourceType to the test.jsp node?
> hmm.. that might work. so actually the 'x-flag' on the script. but
> then you're not able to
> address the script anymore via webdav in order to get it's content
Or you could use a normal selector. Executing a resource as a script
is just another way of rendering a representation to be sent to the
client.
BR,
Jukka Zitting
Re: How to I chmod -x on Javascript files
Posted by Tobias Bocanegra <to...@day.com>.
> > > Wouldn't it be trivially easy to just use a component that takes the
> > > referenced content and executes it as a script? This needs no extra
> > > support from the Sling framework, a simple component just like any
> > > other should be enough.
> > of course, but then you need to create an extra node for each script
> > you want to execute. eg:
> >
> > /apps/foo/test.jsp
> > /apps/foo/test
> > sling:resourceType "/magic/exec/servlet"
> > scriptPath="/apps/foo/test.jsp"
>
>
> Why can't you just attach the special sling:resourceType to the test.jsp node?
hmm.. that might work. so actually the 'x-flag' on the script. but
then you're not able to
address the script anymore via webdav in order to get it's content
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: How to I chmod -x on Javascript files
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Thu, Feb 21, 2008 at 10:20 PM, Tobias Bocanegra
<to...@day.com> wrote:
> > Wouldn't it be trivially easy to just use a component that takes the
> > referenced content and executes it as a script? This needs no extra
> > support from the Sling framework, a simple component just like any
> > other should be enough.
> of course, but then you need to create an extra node for each script
> you want to execute. eg:
>
> /apps/foo/test.jsp
> /apps/foo/test
> sling:resourceType "/magic/exec/servlet"
> scriptPath="/apps/foo/test.jsp"
Why can't you just attach the special sling:resourceType to the test.jsp node?
BR,
Jukka Zitting
Re: How to I chmod -x on Javascript files
Posted by Tobias Bocanegra <to...@day.com>.
> > Looking at all of this, I currently tend to think, we should just switch
> > off this direct script execution and think about how to implement it,
> > should the need arise....
>
>
> Wouldn't it be trivially easy to just use a component that takes the
> referenced content and executes it as a script? This needs no extra
> support from the Sling framework, a simple component just like any
> other should be enough.
of course, but then you need to create an extra node for each script
you want to execute. eg:
/apps/foo/test.jsp
/apps/foo/test
sling:resourceType "/magic/exec/servlet"
scriptPath="/apps/foo/test.jsp"
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: How to I chmod -x on Javascript files
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Thu, Feb 21, 2008 at 9:42 PM, Felix Meschberger <fm...@gmail.com> wrote:
> Looking at all of this, I currently tend to think, we should just switch
> off this direct script execution and think about how to implement it,
> should the need arise....
Wouldn't it be trivially easy to just use a component that takes the
referenced content and executes it as a script? This needs no extra
support from the Sling framework, a simple component just like any
other should be enough.
BR,
Jukka Zitting
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi David,
Am Donnerstag, den 21.02.2008, 20:32 +0100 schrieb David Nuescheler:
> responding to myself:
>
> > so:
> >
> > GET /test.esp -> returns the sourcecode
> > GET /test.esp.run -> executes the script
> >
>
> after talking to Bertrand and suddenly remembering the discussion I
> had with Felix a while
> ago ;) I think Felix came up with the even better solution to use the
> proper extension that
> fits the mime-type. so we would end up with something like:
>
> GET /test.esp.exec.html
This could work, using "exec" as the marker to execute the script using
html as the extension
>
> or
>
> GET /test.esp.html
This is currently implemented but is problematic because a request such
as test.esp.1.json would not return the test.esp node as JSON but
execute the test.esp script.
Looking at all of this, I currently tend to think, we should just switch
off this direct script execution and think about how to implement it,
should the need arise....
Regards
Felix
>
> to trigger an execution of script.
>
> As far as I understand people are generally in agreement with that so
> feel free to ignore my previous mail ;)
>
> regards,
> david
Re: How to I chmod -x on Javascript files
Posted by David Nuescheler <da...@day.com>.
responding to myself:
> so:
>
> GET /test.esp -> returns the sourcecode
> GET /test.esp.run -> executes the script
>
after talking to Bertrand and suddenly remembering the discussion I
had with Felix a while
ago ;) I think Felix came up with the even better solution to use the
proper extension that
fits the mime-type. so we would end up with something like:
GET /test.esp.exec.html
or
GET /test.esp.html
to trigger an execution of script.
As far as I understand people are generally in agreement with that so
feel free to ignore my previous mail ;)
regards,
david
Re: How to I chmod -x on Javascript files
Posted by David Nuescheler <da...@day.com>.
Hi guys,
I think we had this discussion before.
I really strongly disagree with executing anything that has an exact
match in the content repository. If we have an exact match in the
repository we need to let the webdav servlet take care of things.
So a GET to .jsp, .esp, .ecma, never executes, but just does a plain old get.
if you want to execute a script directly (which in my mind violates resource
orientation) one should be forced to to use let's say a ".run" extension.
so:
GET /test.esp -> returns the sourcecode
GET /test.esp.run -> executes the script
I am not even sure that we need this feature, but please don't break the WebDAV
access to resources in sling by default.
regards,
david
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am Mittwoch, den 20.02.2008, 10:42 -0800 schrieb Tobias Bocanegra:
> if a script is stored as nt:file, it can be retrieved as such, using
> the direct url. eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js
>
> if you need to execute it on the server, you need to add some extension. eg:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.html
>
> afaik the current extension mapping does not allow override of the
> default behavior of scripts. so:
>
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json
>
> does not work.
Wrong, this does work, I don't know why it should not ? It would just
call the AdapterRegistry.js script exactly the same when requesting
AdapterRegistry.js.html.
>
> however, i think that it would be good to differentiate between client
> and server sided scripts.
> most common is ".js" though of a client sided script, so should never
> be executed on the server.
> ".esp" is somehow a jsp derivate that includes a parser for the <% %>
> tags. if a pure ecma script is to be executed on the server, it would
> call them ".es". the question is where the output will go?
> probably to system.out or to some execution context writer.
You might ask the same question for servlets ;-) Pure ECMA scripts have
to get the output just like any servlet. Actually the output is provided
as the global out variable to which scripts may write.
>
> my suggestion is to remove the ".js" mapping to rhino scripts and
> replace it with the ".es" extension.
>
> WDYT ?
This is what I already proposed, except that I proposed ecma instead of
es.
Regards
Felix
> regards, toby
>
> On 2/20/08, Lars Trieloff <la...@trieloff.net> wrote:
> > Another hackish solution would be the introduction of a do-not-execute
> > header or selector or request parameters.
> >
> > The main problem is the ambiguity that these PHP-style scripts
> > introduce, which itselfs leads to a hackish programming style.
> >
> > On 20.02.2008, at 18:42, Peter Svensson wrote:
> >
> > > One hackish solution could be for Bunkai to save the scripts
> > > as .esp.src or
> > > somethin like that, and then I could have a "deplot" button (which
> > > could
> > > work hierarchically) which just copies those files to .esp extensions.
> > >
> > > Cheers,
> > > PS
> > >
> > > On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
> > > wrote:
> > >
> > >> After thinking a bit about it, I think that neither renaming server-
> > >> side scripts to ecma nor having a designated /apps or /libs path nor
> > >> having an executable bit would solve my problem in the light of
> > >> Bunkai, where you actually want to edit the scripts you are going to
> > >> execute later.
> > >>
> > >> I do not really understand yet when scripts are supposed to be
> > >> executed on request and where this behavior is desired (it feels a
> > >> bit
> > >> like PHP to me)
> > >>
> > >> regards,
> > >>
> > >> Lars
> > >>
> > >> On 20.02.2008, at 15:37, Felix Meschberger wrote:
> > >>
> > >>> Hi,
> > >>>
> > >>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> > >>>> I was unable to get the JSON representation (curl -u admin:admin
> > >> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> > >>>> because Sling tries to execute the JS script then and gives me
> > >>>> following error message:
> > >>>>
> > >>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> > >>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> > >>>
> > >>> Yes, we execute a resource, which adapts to Servlet, if the request
> > >>> has
> > >>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
> > >>> (no
> > >>> extension) is not executed by the given request is executed
> > >>> (extension
> > >>> json).
> > >>>
> > >>> This collision between streaming the script and executing the script
> > >>> is
> > >>> an issue only with .js files AFAIK. The reason for this is, that the
> > >>> JavaScript ScriptEngineFactory is registered for .js and .esp files.
> > >>>
> > >>> We might fix this by using .ecma instead of .js for server-side
> > >>> JavaScript files.
> > >>>
> > >>> WDYT ?
> > >>>
> > >>>>
> > >>>> So my question is how do I define subtrees that are not executable,
> > >>>> even if they contain a script. I think microsling originally had a
> > >>>> convention that only scripts in /scripts were actually executable,
> > >>>> but
> > >>>> the current code deviates from this convention.
> > >>>
> > >>> This depends from where you are looking from: I would say,
> > >>> microsling
> > >>> devaiated from Sling in that respect ;-)
> > >>>
> > >>> Regards
> > >>> Felix
> > >>>
> > >>
> > >> --
> > >> Lars Trieloff
> > >> lars@trieloff.net
> > >> http://weblogs.goshaky.com/weblogs/lars
> > >>
> > >>
> >
> > --
> > Lars Trieloff
> > lars@trieloff.net
> > http://weblogs.goshaky.com/weblogs/lars
> >
> >
> >
>
>
Re: How to I chmod -x on Javascript files
Posted by Tobias Bocanegra <to...@day.com>.
if a script is stored as nt:file, it can be retrieved as such, using
the direct url. eg:
http://localhost:8888/dojo/dojo/AdapterRegistry.js
if you need to execute it on the server, you need to add some extension. eg:
http://localhost:8888/dojo/dojo/AdapterRegistry.js.html
afaik the current extension mapping does not allow override of the
default behavior of scripts. so:
http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json
does not work.
however, i think that it would be good to differentiate between client
and server sided scripts.
most common is ".js" though of a client sided script, so should never
be executed on the server.
".esp" is somehow a jsp derivate that includes a parser for the <% %>
tags. if a pure ecma script is to be executed on the server, it would
call them ".es". the question is where the output will go?
probably to system.out or to some execution context writer.
my suggestion is to remove the ".js" mapping to rhino scripts and
replace it with the ".es" extension.
WDYT ?
regards, toby
On 2/20/08, Lars Trieloff <la...@trieloff.net> wrote:
> Another hackish solution would be the introduction of a do-not-execute
> header or selector or request parameters.
>
> The main problem is the ambiguity that these PHP-style scripts
> introduce, which itselfs leads to a hackish programming style.
>
> On 20.02.2008, at 18:42, Peter Svensson wrote:
>
> > One hackish solution could be for Bunkai to save the scripts
> > as .esp.src or
> > somethin like that, and then I could have a "deplot" button (which
> > could
> > work hierarchically) which just copies those files to .esp extensions.
> >
> > Cheers,
> > PS
> >
> > On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
> > wrote:
> >
> >> After thinking a bit about it, I think that neither renaming server-
> >> side scripts to ecma nor having a designated /apps or /libs path nor
> >> having an executable bit would solve my problem in the light of
> >> Bunkai, where you actually want to edit the scripts you are going to
> >> execute later.
> >>
> >> I do not really understand yet when scripts are supposed to be
> >> executed on request and where this behavior is desired (it feels a
> >> bit
> >> like PHP to me)
> >>
> >> regards,
> >>
> >> Lars
> >>
> >> On 20.02.2008, at 15:37, Felix Meschberger wrote:
> >>
> >>> Hi,
> >>>
> >>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> >>>> I was unable to get the JSON representation (curl -u admin:admin
> >> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> >>>> because Sling tries to execute the JS script then and gives me
> >>>> following error message:
> >>>>
> >>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> >>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> >>>
> >>> Yes, we execute a resource, which adapts to Servlet, if the request
> >>> has
> >>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
> >>> (no
> >>> extension) is not executed by the given request is executed
> >>> (extension
> >>> json).
> >>>
> >>> This collision between streaming the script and executing the script
> >>> is
> >>> an issue only with .js files AFAIK. The reason for this is, that the
> >>> JavaScript ScriptEngineFactory is registered for .js and .esp files.
> >>>
> >>> We might fix this by using .ecma instead of .js for server-side
> >>> JavaScript files.
> >>>
> >>> WDYT ?
> >>>
> >>>>
> >>>> So my question is how do I define subtrees that are not executable,
> >>>> even if they contain a script. I think microsling originally had a
> >>>> convention that only scripts in /scripts were actually executable,
> >>>> but
> >>>> the current code deviates from this convention.
> >>>
> >>> This depends from where you are looking from: I would say,
> >>> microsling
> >>> devaiated from Sling in that respect ;-)
> >>>
> >>> Regards
> >>> Felix
> >>>
> >>
> >> --
> >> Lars Trieloff
> >> lars@trieloff.net
> >> http://weblogs.goshaky.com/weblogs/lars
> >>
> >>
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
>
>
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: How to I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
Another hackish solution would be the introduction of a do-not-execute
header or selector or request parameters.
The main problem is the ambiguity that these PHP-style scripts
introduce, which itselfs leads to a hackish programming style.
On 20.02.2008, at 18:42, Peter Svensson wrote:
> One hackish solution could be for Bunkai to save the scripts
> as .esp.src or
> somethin like that, and then I could have a "deplot" button (which
> could
> work hierarchically) which just copies those files to .esp extensions.
>
> Cheers,
> PS
>
> On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net>
> wrote:
>
>> After thinking a bit about it, I think that neither renaming server-
>> side scripts to ecma nor having a designated /apps or /libs path nor
>> having an executable bit would solve my problem in the light of
>> Bunkai, where you actually want to edit the scripts you are going to
>> execute later.
>>
>> I do not really understand yet when scripts are supposed to be
>> executed on request and where this behavior is desired (it feels a
>> bit
>> like PHP to me)
>>
>> regards,
>>
>> Lars
>>
>> On 20.02.2008, at 15:37, Felix Meschberger wrote:
>>
>>> Hi,
>>>
>>> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
>>>> I was unable to get the JSON representation (curl -u admin:admin
>> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
>>>> because Sling tries to execute the JS script then and gives me
>>>> following error message:
>>>>
>>>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
>>>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>>>
>>> Yes, we execute a resource, which adapts to Servlet, if the request
>>> has
>>> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js
>>> (no
>>> extension) is not executed by the given request is executed
>>> (extension
>>> json).
>>>
>>> This collision between streaming the script and executing the script
>>> is
>>> an issue only with .js files AFAIK. The reason for this is, that the
>>> JavaScript ScriptEngineFactory is registered for .js and .esp files.
>>>
>>> We might fix this by using .ecma instead of .js for server-side
>>> JavaScript files.
>>>
>>> WDYT ?
>>>
>>>>
>>>> So my question is how do I define subtrees that are not executable,
>>>> even if they contain a script. I think microsling originally had a
>>>> convention that only scripts in /scripts were actually executable,
>>>> but
>>>> the current code deviates from this convention.
>>>
>>> This depends from where you are looking from: I would say,
>>> microsling
>>> devaiated from Sling in that respect ;-)
>>>
>>> Regards
>>> Felix
>>>
>>
>> --
>> Lars Trieloff
>> lars@trieloff.net
>> http://weblogs.goshaky.com/weblogs/lars
>>
>>
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How to I chmod -x on Javascript files
Posted by Peter Svensson <ps...@gmail.com>.
One hackish solution could be for Bunkai to save the scripts as .esp.src or
somethin like that, and then I could have a "deplot" button (which could
work hierarchically) which just copies those files to .esp extensions.
Cheers,
PS
On Wed, Feb 20, 2008 at 5:32 PM, Lars Trieloff <la...@trieloff.net> wrote:
> After thinking a bit about it, I think that neither renaming server-
> side scripts to ecma nor having a designated /apps or /libs path nor
> having an executable bit would solve my problem in the light of
> Bunkai, where you actually want to edit the scripts you are going to
> execute later.
>
> I do not really understand yet when scripts are supposed to be
> executed on request and where this behavior is desired (it feels a bit
> like PHP to me)
>
> regards,
>
> Lars
>
> On 20.02.2008, at 15:37, Felix Meschberger wrote:
>
> > Hi,
> >
> > Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> >> I was unable to get the JSON representation (curl -u admin:admin
> http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> >> because Sling tries to execute the JS script then and gives me
> >> following error message:
> >>
> >> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> >> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> >
> > Yes, we execute a resource, which adapts to Servlet, if the request
> > has
> > an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
> > extension) is not executed by the given request is executed (extension
> > json).
> >
> > This collision between streaming the script and executing the script
> > is
> > an issue only with .js files AFAIK. The reason for this is, that the
> > JavaScript ScriptEngineFactory is registered for .js and .esp files.
> >
> > We might fix this by using .ecma instead of .js for server-side
> > JavaScript files.
> >
> > WDYT ?
> >
> >>
> >> So my question is how do I define subtrees that are not executable,
> >> even if they contain a script. I think microsling originally had a
> >> convention that only scripts in /scripts were actually executable,
> >> but
> >> the current code deviates from this convention.
> >
> > This depends from where you are looking from: I would say, microsling
> > devaiated from Sling in that respect ;-)
> >
> > Regards
> > Felix
> >
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
>
Re: How to I chmod -x on Javascript files
Posted by Tobias Bocanegra <to...@day.com>.
me, too :-)
On 2/21/08, Bertrand Delacretaz <bd...@apache.org> wrote:
> On Thu, Feb 21, 2008 at 4:43 PM, Felix Meschberger <fm...@gmail.com> wrote:
>
> > Am Mittwoch, den 20.02.2008, 17:32 +0100 schrieb Lars Trieloff:
>
> > >... I do not really understand yet when scripts are supposed to be
> > > executed on request and where this behavior is desired...
>
> > ... We can just as easy switch this off again....
>
> I'm ok to switch that off, direct execution of scripts by HTTP
> requests seems to cause problems, and I'm not sure about the benefits.
>
>
> -Bertrand
>
--
-----------------------------------------< tobias.bocanegra@day.com >---
Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 Basel
T +41 61 226 98 98, F +41 61 226 98 97
-----------------------------------------------< http://www.day.com >---
Re: How to I chmod -x on Javascript files
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Thu, Feb 21, 2008 at 4:43 PM, Felix Meschberger <fm...@gmail.com> wrote:
> Am Mittwoch, den 20.02.2008, 17:32 +0100 schrieb Lars Trieloff:
> >... I do not really understand yet when scripts are supposed to be
> > executed on request and where this behavior is desired...
> ... We can just as easy switch this off again....
I'm ok to switch that off, direct execution of scripts by HTTP
requests seems to cause problems, and I'm not sure about the benefits.
-Bertrand
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am Mittwoch, den 20.02.2008, 17:32 +0100 schrieb Lars Trieloff:
> After thinking a bit about it, I think that neither renaming server-
> side scripts to ecma nor having a designated /apps or /libs path nor
> having an executable bit would solve my problem in the light of
> Bunkai, where you actually want to edit the scripts you are going to
> execute later.
>
> I do not really understand yet when scripts are supposed to be
> executed on request and where this behavior is desired (it feels a bit
> like PHP to me)
We can just as easy switch this off again. Actually it is marked as a
TODO in the servlet resolver to still decide how to proceed.
Regards
Felix
>
> regards,
>
> Lars
>
> On 20.02.2008, at 15:37, Felix Meschberger wrote:
>
> > Hi,
> >
> > Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> >> I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> >> because Sling tries to execute the JS script then and gives me
> >> following error message:
> >>
> >> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> >> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> >
> > Yes, we execute a resource, which adapts to Servlet, if the request
> > has
> > an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
> > extension) is not executed by the given request is executed (extension
> > json).
> >
> > This collision between streaming the script and executing the script
> > is
> > an issue only with .js files AFAIK. The reason for this is, that the
> > JavaScript ScriptEngineFactory is registered for .js and .esp files.
> >
> > We might fix this by using .ecma instead of .js for server-side
> > JavaScript files.
> >
> > WDYT ?
> >
> >>
> >> So my question is how do I define subtrees that are not executable,
> >> even if they contain a script. I think microsling originally had a
> >> convention that only scripts in /scripts were actually executable,
> >> but
> >> the current code deviates from this convention.
> >
> > This depends from where you are looking from: I would say, microsling
> > devaiated from Sling in that respect ;-)
> >
> > Regards
> > Felix
> >
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
Re: How to I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
After thinking a bit about it, I think that neither renaming server-
side scripts to ecma nor having a designated /apps or /libs path nor
having an executable bit would solve my problem in the light of
Bunkai, where you actually want to edit the scripts you are going to
execute later.
I do not really understand yet when scripts are supposed to be
executed on request and where this behavior is desired (it feels a bit
like PHP to me)
regards,
Lars
On 20.02.2008, at 15:37, Felix Meschberger wrote:
> Hi,
>
> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
>> I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
>> because Sling tries to execute the JS script then and gives me
>> following error message:
>>
>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>
> Yes, we execute a resource, which adapts to Servlet, if the request
> has
> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
> extension) is not executed by the given request is executed (extension
> json).
>
> This collision between streaming the script and executing the script
> is
> an issue only with .js files AFAIK. The reason for this is, that the
> JavaScript ScriptEngineFactory is registered for .js and .esp files.
>
> We might fix this by using .ecma instead of .js for server-side
> JavaScript files.
>
> WDYT ?
>
>>
>> So my question is how do I define subtrees that are not executable,
>> even if they contain a script. I think microsling originally had a
>> convention that only scripts in /scripts were actually executable,
>> but
>> the current code deviates from this convention.
>
> This depends from where you are looking from: I would say, microsling
> devaiated from Sling in that respect ;-)
>
> Regards
> Felix
>
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How to I chmod -x on Javascript files
Posted by Alexander Klimetschek <ak...@day.com>.
I see, so just wait for Jackrabbit 2.0 with JSR-283 including ACLs
(for use in Sling's resource API) and jackrabbit-webdav with ACL
support on top of it.
Alex
--
Alexander Klimetschek
alexander.klimetschek@day.com
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am Mittwoch, den 20.02.2008, 16:25 +0100 schrieb Alexander Klimetschek:
> Am 20.02.2008 um 16:14 schrieb Felix Meschberger:
>
> > We were thinking of such functionality. But it has two drawbacks: It
> > is
> > not easiliy manageable through WebDAV and requires low level
> > repository
> > access and if implemented in the realm of ACLs (the natural
> > integration
> > point IMHO, and of course *nix like) it gets nasty because there is no
> > public API for that ....
>
> Argh, that annonying WebDAV problem.... Doesn't WebDAV have support
> for ACLs including executable flags?
Ah, yes, but the Jackrabbit WebDAV does not currently support that ...
>
>
> > Finally there is a third drawback: We are talking about resources,
> > which
> > need not necessairily come out of the repository (e.g. bundle based
> > scripts). In this context we don't even have a way of setting such
> > flags
> > easily.
>
> Could be resolved by extending the Resource API with those flags and/
> or an ACL API.
We could manage the Reosurce stuff. The Repository ACL stuff is more
complicated. But IIRC ACL management will be part of JSR-283 and
Jackrabbit is currently working on getting this in..
So, I think, this is not currently an option ...
Regards
Felix
>
Re: How to I chmod -x on Javascript files
Posted by Alexander Klimetschek <ak...@day.com>.
Am 20.02.2008 um 16:14 schrieb Felix Meschberger:
> We were thinking of such functionality. But it has two drawbacks: It
> is
> not easiliy manageable through WebDAV and requires low level
> repository
> access and if implemented in the realm of ACLs (the natural
> integration
> point IMHO, and of course *nix like) it gets nasty because there is no
> public API for that ....
Argh, that annonying WebDAV problem.... Doesn't WebDAV have support
for ACLs including executable flags?
> Finally there is a third drawback: We are talking about resources,
> which
> need not necessairily come out of the repository (e.g. bundle based
> scripts). In this context we don't even have a way of setting such
> flags
> easily.
Could be resolved by extending the Resource API with those flags and/
or an ACL API.
Alex
--
Alexander Klimetschek
alexander.klimetschek@day.com
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi Alex,
Am Mittwoch, den 20.02.2008, 16:05 +0100 schrieb Alexander Klimetschek:
> As Sling has the general tendency to copy all the features and
> conventions of a UNIX file system into JCR (which is a good thing),
> what about copying over the executable flag of unix files? Could be a
> jcr property like "sling:executable".
We were thinking of such functionality. But it has two drawbacks: It is
not easiliy manageable through WebDAV and requires low level repository
access and if implemented in the realm of ACLs (the natural integration
point IMHO, and of course *nix like) it gets nasty because there is no
public API for that ....
Finally there is a third drawback: We are talking about resources, which
need not necessairily come out of the repository (e.g. bundle based
scripts). In this context we don't even have a way of setting such flags
easily.
Regards
Felix
>
> It would only be a problem if there are javascript files that should
> get executed either client or server, depending on the request, but I
> cannot imagine such a case. So one could mark the /dojo/* tree as non-
> executable. Well, this raises the question for the default value of
> the flag: executable (practically if most scripts are server-side) or
> not executable (if most js files are client-side)?
>
> Regards,
> Alex
>
> Am 20.02.2008 um 15:37 schrieb Felix Meschberger:
>
> > Hi,
> >
> > Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> >> I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> >> because Sling tries to execute the JS script then and gives me
> >> following error message:
> >>
> >> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> >> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
> >
> > Yes, we execute a resource, which adapts to Servlet, if the request
> > has
> > an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
> > extension) is not executed by the given request is executed (extension
> > json).
> >
> > This collision between streaming the script and executing the script
> > is
> > an issue only with .js files AFAIK. The reason for this is, that the
> > JavaScript ScriptEngineFactory is registered for .js and .esp files.
> >
> > We might fix this by using .ecma instead of .js for server-side
> > JavaScript files.
> >
> > WDYT ?
> >
> >>
> >> So my question is how do I define subtrees that are not executable,
> >> even if they contain a script. I think microsling originally had a
> >> convention that only scripts in /scripts were actually executable,
> >> but
> >> the current code deviates from this convention.
> >
> > This depends from where you are looking from: I would say, microsling
> > devaiated from Sling in that respect ;-)
> >
> > Regards
> > Felix
> >
>
> --
> Alexander Klimetschek
> alexander.klimetschek@day.com
>
>
>
>
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am Mittwoch, den 20.02.2008, 16:42 +0100 schrieb Bertrand Delacretaz:
> On Feb 20, 2008 4:05 PM, Alexander Klimetschek <ak...@day.com> wrote:
>
> > ...As Sling has the general tendency to copy all the features and
> > conventions of a UNIX file system into JCR (which is a good thing),
> > what about copying over the executable flag of unix files? Could be a
> > jcr property like "sling:executable"....
>
> As this seems to be a bit problematic, we could probably live with
> some configured paths where script execution is allowed or not.
>
> Saying for example that only scripts found under /apps and /libs can
> be executed would probably be fine, and this should be configurable if
> people need other executable paths.
This would result in the configuration of /apps and /libs and more if
there are in two locations, which is error prone and bad. In addition,
this approach would disable an overwrite functionality as proposed by
Jukka, where scripts may be colocated somewhere in the content area to
overwrite other scripts. See [1], [2].
Regards
Felix
[1] http://markmail.org/message/bka4tf5op236xnmj
[2] http://markmail.org/message/vthitjgdxms475gi
Re: How to I chmod -x on Javascript files
Posted by Bertrand Delacretaz <bd...@apache.org>.
On Feb 20, 2008 4:05 PM, Alexander Klimetschek <ak...@day.com> wrote:
> ...As Sling has the general tendency to copy all the features and
> conventions of a UNIX file system into JCR (which is a good thing),
> what about copying over the executable flag of unix files? Could be a
> jcr property like "sling:executable"....
As this seems to be a bit problematic, we could probably live with
some configured paths where script execution is allowed or not.
Saying for example that only scripts found under /apps and /libs can
be executed would probably be fine, and this should be configurable if
people need other executable paths.
-Bertrand
Re: How to I chmod -x on Javascript files
Posted by Alexander Klimetschek <ak...@day.com>.
As Sling has the general tendency to copy all the features and
conventions of a UNIX file system into JCR (which is a good thing),
what about copying over the executable flag of unix files? Could be a
jcr property like "sling:executable".
It would only be a problem if there are javascript files that should
get executed either client or server, depending on the request, but I
cannot imagine such a case. So one could mark the /dojo/* tree as non-
executable. Well, this raises the question for the default value of
the flag: executable (practically if most scripts are server-side) or
not executable (if most js files are client-side)?
Regards,
Alex
Am 20.02.2008 um 15:37 schrieb Felix Meschberger:
> Hi,
>
> Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
>> I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
>> because Sling tries to execute the JS script then and gives me
>> following error message:
>>
>> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
>> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
>
> Yes, we execute a resource, which adapts to Servlet, if the request
> has
> an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
> extension) is not executed by the given request is executed (extension
> json).
>
> This collision between streaming the script and executing the script
> is
> an issue only with .js files AFAIK. The reason for this is, that the
> JavaScript ScriptEngineFactory is registered for .js and .esp files.
>
> We might fix this by using .ecma instead of .js for server-side
> JavaScript files.
>
> WDYT ?
>
>>
>> So my question is how do I define subtrees that are not executable,
>> even if they contain a script. I think microsling originally had a
>> convention that only scripts in /scripts were actually executable,
>> but
>> the current code deviates from this convention.
>
> This depends from where you are looking from: I would say, microsling
> devaiated from Sling in that respect ;-)
>
> Regards
> Felix
>
--
Alexander Klimetschek
alexander.klimetschek@day.com
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi,
Am Mittwoch, den 20.02.2008, 14:33 +0100 schrieb Lars Trieloff:
> I was unable to get the JSON representation (curl -u admin:admin http://localhost:8888/dojo/dojo/AdapterRegistry.js.1.json)
> because Sling tries to execute the JS script then and gives me
> following error message:
>
> org.mozilla.javascript.EcmaError: ReferenceError: "dojo" is not
> defined. (/dojo/dojo/AdapterRegistry.js#1) ... and so on.
Yes, we execute a resource, which adapts to Servlet, if the request has
an extension. Therefore the request /dojo/dojo/AdapterRegistry.js (no
extension) is not executed by the given request is executed (extension
json).
This collision between streaming the script and executing the script is
an issue only with .js files AFAIK. The reason for this is, that the
JavaScript ScriptEngineFactory is registered for .js and .esp files.
We might fix this by using .ecma instead of .js for server-side
JavaScript files.
WDYT ?
>
> So my question is how do I define subtrees that are not executable,
> even if they contain a script. I think microsling originally had a
> convention that only scripts in /scripts were actually executable, but
> the current code deviates from this convention.
This depends from where you are looking from: I would say, microsling
devaiated from Sling in that respect ;-)
Regards
Felix
Re: How to I chmod -x on Javascript files
Posted by Felix Meschberger <fm...@gmail.com>.
Hi Jukka and Lars,
This self-exectuing functionality is a side-effect of the resource tree
mechanism.
Regards
Felix
Am Mittwoch, den 20.02.2008, 20:32 +0100 schrieb Lars Trieloff:
> I think this feature was added two or three weeks ago with the
> rationale that you sometimes need to have static scripts that do not
> refer to a specific resource type. I do not find the mail thread or
> bug right now, but I can have a second look.
>
> Lars
>
> On 20.02.2008, at 19:57, Jukka Zitting wrote:
>
> > Hi,
> >
> > On Wed, Feb 20, 2008 at 3:33 PM, Lars Trieloff <la...@trieloff.net>
> > wrote:
> >> So my question is how do I define subtrees that are not executable,
> >> even if they contain a script.
> >
> > Perhaps I'm missing something, but why should Sling ever automatically
> > execute a script that is being requested?
> >
> > BR,
> >
> > Jukka Zitting
>
> --
> Lars Trieloff
> lars@trieloff.net
> http://weblogs.goshaky.com/weblogs/lars
>
Re: How to I chmod -x on Javascript files
Posted by Lars Trieloff <la...@trieloff.net>.
I think this feature was added two or three weeks ago with the
rationale that you sometimes need to have static scripts that do not
refer to a specific resource type. I do not find the mail thread or
bug right now, but I can have a second look.
Lars
On 20.02.2008, at 19:57, Jukka Zitting wrote:
> Hi,
>
> On Wed, Feb 20, 2008 at 3:33 PM, Lars Trieloff <la...@trieloff.net>
> wrote:
>> So my question is how do I define subtrees that are not executable,
>> even if they contain a script.
>
> Perhaps I'm missing something, but why should Sling ever automatically
> execute a script that is being requested?
>
> BR,
>
> Jukka Zitting
--
Lars Trieloff
lars@trieloff.net
http://weblogs.goshaky.com/weblogs/lars
Re: How to I chmod -x on Javascript files
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Wed, Feb 20, 2008 at 3:33 PM, Lars Trieloff <la...@trieloff.net> wrote:
> So my question is how do I define subtrees that are not executable,
> even if they contain a script.
Perhaps I'm missing something, but why should Sling ever automatically
execute a script that is being requested?
BR,
Jukka Zitting