Plug-in Musings (And Do We Need a Beta 2 of 2.4?)

I had a thought the other day. Maybe it was today. It doesn’t matter, really, but I was thinking… wouldn’t it be neat to have a menu item that you could open a dialog that – when online, of course – let you enter a book title and have it return a link to Amazon? Or maybe a list of books, in the event that there’s more than one that fits. It’s very easy to do, with the Amazon XML Services interface exposed – and I’m certain that there’s other service to grab from online – but then I got to thinking some more, and now I have a quandary.

Rather than just a hard coded link to only Amazon, I got to thinking that it would be killer if I could publish an interface to expose some functionality… you know something that let other people write plug-ins for me, much like how the IBlogExtension was published for people like me for hooks into RSS Aggregators? I figure it would be a couple of member functions or maybe a property/procedure combo that would take in a parameter (or two or three) for search parameters and then returned a collection of results that represented text (or links) that would be inserted into the currently select text box.

So, using the Amazon book thingy as an example, there would be a smt_amazon.dll in a plug-in directory. #MT would have to know about the plug-in ahead of time and there would be a “Amazon” menu item. You put focus in the Entry Body text box and select the menu item. A dialog opens with a “search” text box and a search button; click “search” and a list is populated with a list of matching books. Select a book and click OK and voilà! the link would be inserted into the Entry Body text box.

From #MT’s point of view, I’d have to keep a list of plug-ins to load and expose on a menu; if clicked, I pass up to three parameters to a plug-in and wait for a return set of items that I display in a list box. If one is selected, I take the returned text from the plug-in and show it.

From a #MT plug-in point of view, they would be a .NET DLL that inherited the interface. It would get handed up to three parameters and return a collection of results. The results could be a list of URL’s, anchor links, image references; it would be up to the plug-in coder to decide what to include. So long as some text was associated with it (to show in the results box) it could be anything.

The problem that I have with this whole idea is the “what if”. Maybe I’ve been looking into security too much lately – been studying for the second third of the MCAD certification and there’s all sorts of chapters for security stuffs – but how could I prevent malicious code from running? Every time I think of something that could be enacted on the plug-in, to keep it “safe”, I think of something else that could be exploited. There’s no way that I’m willing to keep a machine around just for testing plug-ins and setting up a “certification” system – that’s way beyond anything that I want to do. I guess it could be a “use at your own risk” type system, but I’m not sure if I feel comfortable about that either…

Any thoughts on this?

Oh, and BTW: how is 2.4 Beta 1 doing? I haven’t heard a peep as to whether or not the changes help the international situation… I’d like to know, so that I can get 2.4 “done” soon. Silly leaving a beta out there that people aren’t happy with or happy with. If it’s working well, I’ll can call it a release; if it sucks, I need to know so I can fix it. Thanks!


5 thoughts on “Plug-in Musings (And Do We Need a Beta 2 of 2.4?)”

  1. Hey, don’t let the security stuff get you down. Yes, it’s important – but is SharpMT a critical system service?

    I’d say go for it and add the plugin stuff. It would be great to be able to generate links to amazon using my associates ID easily from SharpMT – that would be killer.

    Keep up the good work!

  2. I think you’re both not focusing on the right thing. The Amazon link is an example and only if someone codes a plug-in that did that. The question is more about the plug-in as an extended architecture… I could add the Amazon one myself and imbed it if I wanted it – the question is does it make more sense to invest the time in an expandable scheme with the knowledge that someone could screw a machine through it…

  3. Well lets think about it for a minute. Someone could only screw with the security if you download their plugin right? If you had a clearinghouse for plugins, maybe that would allow people to feel better about downloading them? Who knows, I think its not a big issue, at least for me.

    So about the plugins as a whole, what would be some cool ones?

    Weather

    Photo Gallery

    Netflix – Similar to Amazon link

    Map Locations – Create link to map from city or place names

    I’m sure there are more…

  4. Well that’s the sticky point. It’s only an issue if someone downloads a rogue plugin. Theoretically speaking ANY software you download could be malicious but I’m just concerned that I could be used to open another hole, in all honesty… and a clearing house is the best way to go, but I don’t think there’s anyway that one could be tapped for free, even for a freeware project.

    I’ve been busy with project that pay lately, so I’ll put it on a back burner and give it some more thought… there’s some tech involved that I’ve never personally done (i.e. setting up an interface that is shared and then compiling that as a class library) and getting that together will be “tricksy”… even so, I always seem to find down time :)


Leave a Reply to James Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.