World: r3wp

console = popup window and some users hate those

Henrik: thank you, please post it on the 1.3.3 feature req checklist.

done

: ) "WRT to the 1.3.3 release: I'm going to need your help on sifting 
through all the "noise" (i.e. everyone's opinion about we should 
have or not have) to drill down to the features that are absolutely 
necessary for this release." : )

Well, we can throw it into Qtask, let everyone log any task they 
want, and then you can assign them priorities.  This is what Qtask 
does.

hi, thank you for updating this plugin !-)

but like the first plugin version do not forget to take proxy configuration 
of IE or FireFox and the bypass-proxy input !!!!!!

like this we will be ok to use rebol/plugin in intranet behin a firewall...... 
thank you again

This is I think an important feature - to be able to use the browser 
to distribute your rebol applications across private network.

Agreed.

Security settings often prevent users from installing applications 
.. so a browser app makes it easier for admins to distribute an application.

For plugin updating, you could make the minimum version a parameter 
and have the plugin update if the requested version isn't installed, 
or fail if the requested version doesn't exist.

As for things like do-browser, it would be nice if the copy of REBOL 
called by the plugin could be passed some callbacks to which it would 
delegate some basic functionality like requesting a local file, proxy 
settings, do-browser, etc. This would allow the plugin to better 
integrate with the browser's existing behavior and security infrastructure.

If the REBOL library's runtime environment could be extended with 
arbitrary routines defined in the wrapper plugin that would make 
things like do-browser even easier.

By the way Josh, the security discussion we were having last night 
wasn't noise. Without the security restrictions discussed above noone 
would be able to safely install this plugin and allow it to run scripts 
from any but the most trusted sites. This is important.

I messaged you privately with my concerns.

I agree with Brian wholeheartedly.

thanks for the feedback. i apologize if i conveyed the idea that 
security discussions are noise. What I mean is that I don't have 
the bandwidth to sift through pages of discussion and build the plugin 
at the same time. So, for my sake, we need some kind of itemized 
system where Carl and I can tackle the issues one-by-one.

And -- yes, I need to read through the conversations, but a free-for-all 
format (that includes bugs, etc.) doesn't really work for me. Maybe 
a checklist, or perhaps, Qtask (mentioned above)?

Maybe another RAMBO database ?

i've never used it before.

It's pretty good, simple and easy to use.

okay. who runs it?

regarding security: so we need a list. i.e. change #1: disable xyz. 
change #2: make xyz a prompt that looks like this. etc.

I've added a few entries to your 1.3.3 checklist based on reading 
these discussions.

http://www.rebol.net/cgi-bin/rambo.r

Guess who :)

okay :) i'll talk to Carl. i think he said no to RAMBO once (above), 
but maybe we can get something working.

Brian: thanks!

Well, I can summarise the security proposals as discussed here and 
post them to your private message area if you prefer.

In between working with Gabreile on parse extensions, of course.

I mean Gabriele.

Can you just use a checklist item? maybe post them in this format:
	Title: Disable xyz.
	Description:
		<long description>
		Priority: <1-4>
		Benefits (what we gain): 
		Tradeoffs (what we lose):
		Why it's worth it:

that's just an idea. i'm open to other formats.

And don't forget those of us who want to use the browser as a delivery 
mechanism for fully empowered un-castrated Rebol applications.

Sure, if you want. I'll edit the security entry I already put there.

Regarding timeframe: I'm still in the middle of developing this new 
installation system which will allow automatic updating. After that, 
we'll move to whatever you guys think is next on the priority list. 
Maybe security? :)

Don't worry Graham, we already adjusted for your concerns yesterday.

Graham: okay. that's the whole licensing/encryption/pro features/etc. 
issue right?

That partial encapping, signed and encrypted scripts proposal.

No .. I think people are frightened that Rebol might be used by some 
mafioso types to damage/hold to ransom your pc.

Right. It will be on the list, but may not make it until REBOL 3.0. 
That seems a little tougher to do. TBD.

Like Lethal Weapon IV

Which it will.

1. User right-clicks existing plugin in browser window for context 
menu, chooses "Check for newer version of Rebol Plugin"
2. Plugin checks for newer version

3. if newer version -> "Would you like to install newer version ?" 
4. if "yes", download and install.

5. "Would you like to remove the older version (you probably don't 
need it now) ?"


When there are multiple versions installed there could a menu option 
to activate one of them.


!!Updater should not close the browser. It should suggest to the 
user to close and reopen.

Anton: So you're proposing multiple versions running side-by-side?

That's an interesting thought. Can you explain why?

If possible. I understand it might be difficult with files being 
overwritten etc.

The newer version make break older code that the user may be relying 
on. "Thanks a lot, updater!!"

I think that major versions should be installable side-by-side, and 
minor versions autoreplace so that security fixes can propagate.