[x3d-public] x3d-public Digest, Vol 153, Issue 11
John Carlson
yottzumm at gmail.com
Sat Dec 4 17:12:17 PST 2021
On 12/4/21 18:36, Andreas Plesch wrote:
> Thanks, John, for reviving the Script node discussion. I think Don's
> summary is accurate. Let me add a few observations.
Thanks, Andreas. Here are my concerns:
1. Providing pull-downs for importing X3D XML and X3D JSON files will
not work if the script is not embeddable in X3D. The script and the
X3D nodes should appear in the same file, ideally, so X3DJSONLD remains
unchanged. In otherwords, the HTML page should not be primarily
concerned with executing X3D scripts (see X3D-Edit's way of running
scripts in X3D browsers). I don't know if we're going to support
X3D-Edit going forward, but work is being done.
2. I have security issues with eval, too. Leonard suggested a
possible workaround using "new Function" I am unsure of any additional
security features using that. X3DJSONLD uses eval with X3DOM to do my
scripts. I keep a virus checker on my production server, and work with
github, which hopefully provides for some virus checking.
3. X3DOM is extensible, so one may add new tags (easily?).
4. Yes, using application specific scripts in HTML (not X3D) is ruining
X3DJSONLD.
5. I need to accept what's happening and change with it.
6. I have requested examples of particle system emitters for creating
random numbers.
More information about the x3d-public
mailing list