These are chat archives for highfidelity/hifi

8th
Mar 2014
Clément Brisset
@Atlante45
Mar 08 2014 00:08
Is there a way to include (or import) a .js into another ?
Brad Hefta-Gaub
@ZappoMan
Mar 08 2014 00:08
not in our system
Stephen Birarda
@birarda
Mar 08 2014 00:08
not without something like require.js I don’t think
Clément Brisset
@Atlante45
Mar 08 2014 00:09
Want me to look into it ?
Stephen Birarda
@birarda
Mar 08 2014 00:10
probably something we will want eventually
Clément Brisset
@Atlante45
Mar 08 2014 00:10
yeah, because script are gonna get messy, and you might want to reuse only a part of someone else’s script.
Brad Hefta-Gaub
@ZappoMan
Mar 08 2014 00:24
how does requirejs actually work? I'm not familiar with it.
We could add support to our script engine to allow for "including" other JS files.
Clément Brisset
@Atlante45
Mar 08 2014 00:24
I think it simply evaluate the script
Yes, just a function script engine.include();
that would work I think
Brad Hefta-Gaub
@ZappoMan
Mar 08 2014 00:25
I raised this issue a couple months ago… at the time the answer was "not yet"...
Clément Brisset
@Atlante45
Mar 08 2014 00:26
Ok'
Brad Hefta-Gaub
@ZappoMan
Mar 08 2014 00:26
but I agree it would be very useful for many scripts if we could use included modules
Clément Brisset
@Atlante45
Mar 08 2014 00:26
I mean I don’t desperately need it, but that’ll allow to tidy the scripts a little bit
Brad Hefta-Gaub
@ZappoMan
Mar 08 2014 00:27
on thing we also need to think about is where scripts can get loaded from
this is why we didn't really go down this road too far… because where do you include from?
if we allow anyone to:
Script.include("url…");
then do we worry about security of what's in that URL?
but I think we have a general question about script security… I mean as of now, anyone can write a script and paste it into a domain, and cause havoc. (grief)
includes just make that even worse because it's a level of indirection which makes audits even harder.
Stephen Birarda
@birarda
Mar 08 2014 00:39
We’ll probably need to hold off until we deal with script permissions
you can imagine we’d add an api to load in js files from trusted source
or if you’ve loaded script from an untrusted source and said it was okay it should be able to load other scripts from same domain
Clément Brisset
@Atlante45
Mar 08 2014 00:47
in the end including a script is basically the same than loading one.
they both need to be checked.
Stephen Birarda
@birarda
Mar 08 2014 01:05
@VictorArgote are you around?
Dimitar Dobrev
@ddobrev
Mar 08 2014 18:42
Hey, fellows, working today?
Philip Rosedale
@PhilipRosedale
Mar 08 2014 22:53
hey ddobrev whats up? will help if i can.