Re: Local program exection in WWW browsers

Dave Raggett (
Wed, 13 Apr 94 16:17:33 BST

Stan Letovsky comments:

> I think what is needed is a scripting language extension to
> HTML that allows programs to manipulate the browser state, including
> possibly dynamic restructuring of the displayed documents. Dave Raggett
> is including an API for such languages in the HTML+ spec. Security concerns
> can be addressed by restricting the operations available in the language --
> e.g. no file system manipulations, or only interactively confirmed ones.

and Gary Adams responds:

>Would Telescript or Safe-Tcl be viable candidates as embeddable control
>languages in HTML docs? I don't know a lot about these languages, but
>it might save a lot of development time to leverage an existing body
>of code if it meets the need.

These languages are indeed candidates, but my primary concern right now
is what functionality is needed, and how to ensure that hostile or buggy
scripts can't harm the client system in any way. This has meant focussing
on the API between the client and script interpreter rather than an early
selection of language. Both Telescript and Safe-Tcl were designed with
different environments in mind, and we need to be creative about our needs
for fill-out forms and later on perhaps, for coordinating different media.
I also feel that the Web deserves a scripting language that makes it
especially easy for novices to get started. Does Telescript or Safe-Tcl
really match up to this?

Best wishes,

Dave Raggett

----------------------------------------------------------------------------- Hewlett Packard Laboratories, +44 272 228046 Bristol, England