[Python-Dev] doc for new restricted execution design for Python

Brett Cannon brett at python.org
Wed Jun 28 19:54:24 CEST 2006


On 6/28/06, Trent Mick <trentm at activestate.com> wrote:
>
> Brett Cannon wrote:
> > The plan is to allow pure Python code to be embedded into web pages like
> > JavaScript. ...
>
> > ...Then again, Mark Hammond has already done a bunch of work for
> pyXPCOM, so getting Python compiled right into Firefox itself shouldn't be
> too bad.
> >
> > If this really takes off, will probably want both: get into Firefox, but
> have an extension for pre-existing installations.
>
> You should really speak with Mark, if you haven't recently. He's gotten
> a lot further than just PyXPCOM. My understanding (I might be a bit off
> on the branches and timing) is that his "DOM_AGNOSTIC" work on the
> Mozilla code has mostly been checked into the trunk. This work is to do
> mostly what you are describing: Python as a client-side scripting
> language along-side JavaScript.


Handling the Firefox integration is next month, so I will be talking to him.


I can't recall what Mozilla's distribution plans are for this. Certainly
> it wouldn't be before Firefox 3. Then again, default Firefox builds
> would like not include Python by default.
>
> It sounds to me that a restricted-execution/security-model story for
> Python would be important here.


Yep.  One of the reasons I am dealing with it.

Mark (and me a little bit) has been sketching out creating a "Python for
> Mozilla/Firefox" extension for installing an embedded Python into an
> existing Firefox installation on the pyxpcom list:
>
> http://aspn.activestate.com/ASPN/Mail/Message/pyxpcom/3167613
>
> > The idea is that there be a separate Python interpreter per web browser
> page instance.
>
> I think there may be scaling issues there. JavaScript isn't doing that
> is it, do you know? As well, that doesn't seem like it would translate
> well to sharing execution between separate chrome windows in a
> non-browser XUL/Mozilla-based app.


I don't know how JavaScript is doing it yet.  The critical thing for me for
this month was trying to come up with a security model.

And if you don't think it is going to scale, how do you think it should be
done?

-Brett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20060628/7ca5efce/attachment.htm 


More information about the Python-Dev mailing list