<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>Am 08.06.2009 um 08:00 schrieb Alexander Repenning:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>It would be nice if we could bring Lisp into the 21 century by adding <br>some kind of native support for URLs. For instance, with more and more <br>people posting Lisp files by attaching them to emails how about being <br>able to just load them via (load URL)? Chances are you already keep <br>your files in some web accessible repository, e.g., Google Code/ svn<br><br>At a conceptual level there is a question of how to integrate (or <br>perhaps replace) the existing notion of CL pathnames with URLs. This <br>will cause some headaches but could replace the portable logical <br>pathnames with a long overdue modern approach.<br></div></blockquote><div><br></div><div>'logical pathnames' and URLs are really very different things for different purposes.</div><div>Logical pathnames were invented to make file locations configurable and independent of physical location in groups of computers.</div><div><br></div><div>If you had URLs as a type of pathnames, it would still make sense to have logical pathnames and now allow pathname translations over URLs.</div><div><br></div><div>URLs are only a part of the solution. MIME types then are necessary, HTTP traffic, HTTPs, ...</div><br><blockquote type="cite"><div><br>At an implementation level, in CCL, one could start by hacking load. <br>If the pathname is a string starting with "http://" then the chance is <br>pretty good that we are dealing with a URL<br><br>(load "<a href="http://xmlisp.googlecode.com/svn/trunk/XMLisp/sources/IDE/specific/Mac%20CCL/anticipat-symbol-complete.lisp">http://xmlisp.googlecode.com/svn/trunk/XMLisp/sources/IDE/specific/Mac%20CCL/anticipat-symbol-complete.lisp</a> <br>")<br></div></blockquote><div><br></div><div>I'm not sure 'LOAD' without any <b>security</b> story is more than a hack.</div><div><br></div><div>But the <b>security problems</b> are clear:</div><div><br></div><div>* <b>unencrypted traffic can be manipulated easily</b></div><div>* <b>DNS names and their resolution can be manipulated</b></div><div>* <b>the files in public repositories can be manipulated</b></div><div>* <b>proxies can manipulate the traffic they see</b></div><div><b>* CL has no security model, no sandboxes, LOAD executes code without any protection.</b></div><div><br></div><div>When you load a file over the web without any security and have the file contents immediately execute (LOAD executes code) - I'd say that's an invitation for all kinds of abuse.</div><br><blockquote type="cite"><div><br>The file could be downloaded via HTTP, perhaps as temp file, and then <br>loaded the "old" way. Even here there are questions. Should one use <br>CFNetwork? URLDownload looks temptingly simple but depreciated, <br>NSURLDownload hmmmm.... just use TCP streams and make you own HTTP <br>GET, ... so many options.<br><br>With a bit more work one could do some clever local caching similar to <br>Google Gears.<br><br>Any suggestions?<br></div></blockquote><div><br></div><div>CL-HTTP does some of that stuff already. I guess other Lisp based solutions, too. It has some simple functionality: COPY-FILES from and to HTTP, getting directory listings, ...</div><div><br></div><div>The useful stuff for HTTP access is:</div><div><br></div><div>* opening streams to HTTP resources for reading and writing</div><div>* copying text and binary data</div><div>* 'understanding' some types of 'directories'</div><div><br></div><div>regards,</div><div><br></div><div>Rainer Joswig</div><br><blockquote type="cite"><div><br>Alex<br><br><br>Prof. Alexander Repenning<br><br>University of Colorado<br>Computer Science Department<br>Boulder, CO 80309-430<br><br>vCard: <a href="http://www.cs.colorado.edu/~ralex/AlexanderRepenning.vcf">http://www.cs.colorado.edu/~ralex/AlexanderRepenning.vcf</a><br><br><br>_______________________________________________<br>Openmcl-devel mailing list<br><a href="mailto:Openmcl-devel@clozure.com">Openmcl-devel@clozure.com</a><br>http://clozure.com/mailman/listinfo/openmcl-devel<br></div></blockquote></div><br><div apple-content-edited="true"> <span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Rainer Joswig, Hamburg, Germany</div><div><a href="http://lispm.dyndns.org/">http://lispm.dyndns.org/</a></div><div><a href="mailto:joswig@lisp.de">mailto:joswig@lisp.de</a></div><div><br></div></div></div></div></div></div></div></div></div></div></div></span><br class="Apple-interchange-newline"> </div><br></body></html>