Active Swikis

In 1.31, there is an additional, undocumented class called ActiveSwikiAction. Active Swiki pages can actually contain embedded Squeak code (between tags) which will be executed at serve time, and the result will be returned in the page. The possibilities are really neat -- interactive Swiki pages, student programming in Swiki pages, collaborative hacking, etc. You can create one just by doing "ActiveSwikiAction setUp: 'myactiveswiki'" (Don't forget to create the directory first!)

Of course, the obvious problem is security -- how do you prevent people from embedding code that hacks the server? Our sole security check right now is the dangerSet in ActiveSwikiAction. Before the embeddeded code is executed, we look for the words in the dangerSet in the code, and if we find any, the code isn't executed. Here's the challenge: Can we get a safe dangerSet?

I have an activeSwiki to explore at http://triton.cc.gatech.edu/active. Take this Swiki as a challenge -- currently, I think we're completely safe from manipulating files. I will set up one of those (on a new Mac) and we'll open it up to Squeakers. But do take this Swiki as a chance to try it out and see a few examples I've set up there.


"More About Squeak..."
Home Page for How To Squeak

Last modified at 2/25/98; 10:33:41 AM
Other Links of Interest
College of Computing | EduTech Institute | GVU Center
Mark Guzdial | CS2390, Modeling and Design | STABLE