Not sure if this is on anybody's roadmap (or if it's already 90% complete somewhere), but I was thinking about giving Thimble the ability to pull (or receive) HTML from external sources -- maybe only trusted ones. It would be handy to close webmaker content over the tools we offer. e.g. Popcorn export to Thimble; Nudgepad export to Thimble; goggles export to thimble!
For sure! Friendlycode, the editor widget behind Thimble, has a concept of a "publisher" object that can be passed into it, which is responsible for saving and loading HTML source. By default, it does its usual Thimbley thing, but an alternate publisher can be passed into it. Here's an example that makes Friendlycode use hackpub, the publishing API used by the goggles: https://github.com/mozilla/friendlycode/blob/gh-pages/examples/alternate-publisher.html
Cool cool! We'd have to use a version of friendlycode outside of Thimble though, right? I (and others) would love to have this functionality be a part of the webmaker ecosystem by default.
if we can make the friendlycode widget take a defaultContent that is either a string, or a URL, that would probably solve what the app-maker team wants to achieve, correct?
Indeed! Looks like there's an apparatus in place to help already. Something like this would take advantage of it: https://github.com/secretrobotron/thimble.webmaker.org/compare/mozilla:master...bug-893845-html-injection Not sure of the security implications though.
Assignee: nobody → pomax
Status: NEW → ASSIGNED
Depends on: 929705
wontfixing for now due to no requests for it. We're actually loading content from URL already for regular projects, but until we plan to open thimble up as a "remix everything" tool, I'm closing this ticket. There's no good status for "implicitly iceboxed", so wontfix will have to do.
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.