[Xerte-dev] Re: Upload and security
Smith, John
J.J.Smith at gcu.ac.uk
Wed May 22 14:24:14 BST 2013
In Xenith we parse the parameter in the play page into a standard json object which is then used in a x_function after the content is all loaded and ready… shouldnn’t be too hard to duplicate..
The resume option adds a hash to the URL so the page doesn’t reload but the javascript can also access that, parse and redirect through the same x_function…
It’s just about defining the parameter because with xerte we have page=, PageID= and LinkID= to handle…
Regards,
John Smith
Learning Technologist
School of Health & Life Sciences
Glasgow Caledonian University
From: xerte-dev-bounces at lists.nottingham.ac.uk [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Pat @ Pgogy
Sent: Wednesday, May 22, 2013 2:07 PM
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Upload and security
Anchor?
On 22 May 2013, at 13:42, Julian Tenney <Julian.Tenney at nottingham.ac.uk<mailto:Julian.Tenney at nottingham.ac.uk>> wrote:
Any idea how to approach it from outside, or how to allow the end user to link to a particular page?
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 22 May 2013 13:42
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Upload and security
Cheers thought I'd tried that but most have got it wrong. :-(
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 22 May 2013 13:28
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Upload and security
The links can work the same way:
<a href="javascript:parseContent(1);">Lorem</a>
…from within the document. I don’t know how to link to a particular page from outside… presumably via some parameter which then leads to a parseContent() call
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: 22 May 2013 11:43
To: 'For Xerte technical developers'
Subject: [Xerte-dev] Re: Upload and security
Looks like delays on the mailing list again :-( replying to my own sent message here…
The additional page links in the top nav bar can be easily missed. Is there a way to manually add page links within the text of a page? e.g. how can I get javascript:parseContent(1) to work?
BTW because it's obviously using the same editor the Xerte page links option shows on right click and shows the pages within the bootstrap project but obviously generates ASfunction code and doesn't work. Is there something to borrow from John's HTML 5 solution for that which would work for these page links I'm trying to add?
Ron
From: Ron Mitchell [mailto:ronm at mitchellmedia.co.uk]
Sent: 22 May 2013 11:18
To: 'For Xerte technical developers'
Subject: RE: [Xerte-dev] Re: Upload and security
The new stuff looks great - I wish I had time to explore further :-(
Although I'm actually using my currently installed version to prepare and deliver moodle admin training resources for use tomorrow.
A few of the delegates yesterday certainly like it!
Ron
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Julian Tenney
Sent: 22 May 2013 11:00
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Upload and security
> I'd ask what you want the bootstrap to be - a mini website for Non-techies or a sort of techie play space?
Both. I did few things over the last few days: I added some new nodes that are defined as advanced. You only see them if you click the show advanced checkbox – see below, you can toggle the script, canvas and html nodes on or off, they appear below the divider. So non-techs never need to see them.
Rather than try and support a load of different html tags (I did canvas and thought, hang on, where does this end?), I added a specific tag for html, to distinguish it from text elements (second show below), mainly because bootstrap has all those components that you need to define using html, and they are useful if you know what to do with them – and you also need to write javascript to use them or respond to user input).
I also added the ability to define styles on the project (root) icon, via an optional property, and as well, you can upload a stylesheet if you’d rather. You already know I added the ability to load third party libraries, and there is a script tag for writing javascript (third show below).
You can see this piece at http://www.nottingham.ac.uk/toolkits/play_8222). So all in all, it’s very powerful.
<image001.png>
<image002.png>
<image003.png>
From: xerte-dev-bounces at lists.nottingham.ac.uk<mailto:xerte-dev-bounces at lists.nottingham.ac.uk> [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of Pat @ Pgogy
Sent: 22 May 2013 09:59
To: For Xerte technical developers
Subject: [Xerte-dev] Re: Upload and security
JavaScript is in the banned list I think
I'd ask what you want the bootstrap to be - a mini website for Non-techies or a sort of techie play space?
On 21 May 2013, at 10:00, Julian Tenney <Julian.Tenney at nottingham.ac.uk<mailto:Julian.Tenney at nottingham.ac.uk>> wrote:
Just reprising a recent conversation about uploading javascript. You guys weren’t keen. I just uploaded a txt file with javascript in it, loaded via a script tag in the bootstrap template and it – of course – executes, but we knew that anyway.
Is it the case that only authorised users – those logged in – can get anything through upload.php? Should authorised users be able to upload javascript?
Second and slightly related question, playing around with the bootstrap template wizard: I got it adding canvas, and thought about other userful building blocks for developers. You could define them in a text icon <canvas width=”500” height=”350”/> and then script them from a script icon, so are we gaining anything at the expense of confusing users who don’t know what scripts and canvases do? I just though ‘well, where does it end? Divs, styles, etc’ and we can do it all with text anyway. But in looking at some of this stuff, it would really be handy to be able to upload scripts, because writing anything more than trivial in the wizard is going to be gribbly.
What do you think?
<image001.png>
_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
_______________________________________________
Xerte-dev mailing list
Xerte-dev at lists.nottingham.ac.uk<mailto:Xerte-dev at lists.nottingham.ac.uk>
http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it. Please do not use, copy or disclose the information contained in this message or in any attachment. Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.
This message has been checked for viruses but the contents of an attachment may still contain software viruses which could damage your computer system, you are advised to perform your own checks. Email communications with the University of Nottingham may be monitored as permitted by UK legislation.
Glasgow Caledonian University is a registered Scottish charity, number SC021474
Winner: Times Higher Education’s Widening Participation Initiative of the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
Winner: Times Higher Education’s Outstanding Support for Early Career Researchers of the Year 2010, GCU as a lead with Universities Scotland partners.
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20130522/7d313eaf/attachment-0001.html>
More information about the Xerte-dev
mailing list