Nxt Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Nxt Client 1.11.5 - NEW RELEASE: Ardor 2.0.3e TestNet IS LAUNCHED!

Pages: 1 ... 3 4 [5]  All

Author Topic: [Client Plugins] Specification / Developers Guide  (Read 9407 times)

Riker

  • Core Dev
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1619
    • View Profile
  • Karma: +418/-42

My thoughts:
The problem of trusting plugins in decentralized environment while maintaining the anonymity of the developers is a difficult one.

I suggest the following best practices to make plugins more trustworthy:

For developers, use distribution system like the one we already use for the NXT itself and SuperNet:
1. Open source code.
2. Reproducible packaging procedure.
3. Package downloaded directly from the same source control system.
4. Hash of the package posted on the nxtforum.
5. Additional PGP or some form of digital signature which confirms the identity of the developer.

For users, I suggest the following best practices:
1. Do not install plugins which does not rely on the distribution system described above.
2. Use only plugins installed by yourself, avoid using plugins when connecting to a public node.
3. Do not use plugins when connecting to an account which has significant amount of NXT.
4. Make sure a plugin uses only JavaScript and Html, avoid plugins which rely on fat client technologies such as Java Applet, ActiveX, Flash etc, in other words, do not confirm any browser security prompt when using plugins.
5. Do not follow links from plugin pages to external web sites.

In general I don't think we should introduce a new feature and disable it by default.
NXT Core Dev
Account: NXT-HBFW-X8TE-WXPW-DZFAG
Public Key: D8311651 Key fingerprint: 0560 443B 035C EE08 0EC0  D2DD 275E 94A7 D831 1651

Tosch110

  • Ex-Staff Member
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2375
    • View Profile
  • Karma: +211/-18

In this sense maybe the easiest way would be to have the plugins inactive as default. They are shown in the navigation bar. Once you click them, you see a first page "plugin disabled" with a button "enable" and you can proceed using this plugin.
Instead of either choosing to disable / enable them on the login page first.

You would not have to worry using big accounts in the first place as they are disabled by default. Then you can choose to just use enabled plugins (in this session)?

jones

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1043
  • write code not war
    • View Profile
    • jNxt
  • Karma: +310/-8

Ok, that is clear thanks. I misunderstood.


If lyaffe/JL etc. post a link with a hash, then I would be comfortable.

Opportunity for someone to make a ratings website that collates and publishes the blockchain messages from accounts known to belong to devs.

Top tier devs (JL), their word alone might be enough. It could take 1-3 second tier devs before I trust them. Then maybe 1 second tier devs and 3-4 third tier devs before I trust another plug in. Everyone will have a subjective view on which devs go into which tier and everyone can pick their own combinations to suit their comfort level  ;D And it is another possible revenue stream for devs.

Ok, I'm sold now.

A cool idea here, I've been thinking about how best to do this for a while now as trust systems intrigue me :)

I'll have to give this one a try in the near future.
-- Jones NXT-RJU8-JSNR-H9J4-2KWKY

marek3ball

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 305
    • View Profile
  • Karma: +31/-2

In this sense maybe the easiest way would be to have the plugins inactive as default. They are shown in the navigation bar. Once you click them, you see a first page "plugin disabled" with a button "enable" and you can proceed using this plugin.
Instead of either choosing to disable / enable them on the login page first.

You would not have to worry using big accounts in the first place as they are disabled by default. Then you can choose to just use enabled plugins (in this session)?

This sounds user friendly if it is possible. Will I see warning during enabling the plugin that he will know my password? Problem is that infected plugin won't say that he will read password.

chevdor

  • Full Member
  • ***
  • Offline Offline
  • Posts: 165
    • View Profile
  • Karma: +19/-0

Hello,

How do you develop your plugins?

Do you test within the NRS client and is there a way to refresh a plugin without log out then back in?
Or do you test outside NRS somehow?

I was able to write and install my plugin but I donĀ“t see it possible to log out and back in constantly to test.
NXT-YCLA-V44V-USJK-3GPJD
BM-2cXnA5HdtsDttGaPEAJd1oYX3zMbiKDewV

NxtSwe

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 659
    • View Profile
  • Karma: +121/-9

How do I show a custom modal dialog in my plugin?

hello_world comes with a 'p_hello_word_info_modal' sample but it is never used.
How would I go about to actually show this in the hello world example?

Thanx!
Check out the NxtLib, the .NET Framework API for the Nxt platform.

Tosch110

  • Ex-Staff Member
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2375
    • View Profile
  • Karma: +211/-18

How do I show a custom modal dialog in my plugin?

hello_world comes with a 'p_hello_word_info_modal' sample but it is never used.
How would I go about to actually show this in the hello world example?

Thanx!

Try out this:

Code: [Select]
NRS.setup.p_hello_world = function() {
//Do one-time initialization stuff here
$('#p_hello_world_startup_date_time').html('<a href="#" data-toggle="modal" data-target="#p_hello_word_info_modal"'+moment().format('LLL')+'</a>');

}

Now the datum at the bottom of the plugin shows the example modal

NxtSwe

  • Hero Member
  • *****
  • Offline Offline
  • Posts: 659
    • View Profile
  • Karma: +121/-9

How do I show a custom modal dialog in my plugin?

hello_world comes with a 'p_hello_word_info_modal' sample but it is never used.
How would I go about to actually show this in the hello world example?

Thanx!

Try out this:

Code: [Select]
NRS.setup.p_hello_world = function() {
//Do one-time initialization stuff here
$('#p_hello_world_startup_date_time').html('<a href="#" data-toggle="modal" data-target="#p_hello_word_info_modal"'+moment().format('LLL')+'</a>');

}

Now the datum at the bottom of the plugin shows the example modal

Thanx, that works.
PS. you forgot a '>' in the code above.
Code: [Select]
$('#p_hello_world_startup_date_time').html('<a href="#" data-toggle="modal" data-target="#p_hello_word_info_modal">'+moment().format('LLL')+'</a>');
Check out the NxtLib, the .NET Framework API for the Nxt platform.

SwissAlps

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 446
    • View Profile
    • NxtTracker.com
  • Karma: +26/-11

Hi guys,

I'm trying the plugins on version 1.5.8e

It shows Hello World correctly.  I made a directory similar to this but when I look at the starting page, it doesn't show in the "Active Plugins", showing only the "Hello World", any idea
why ?

Thanks... :)
Nxt CasinoTool : Roulette and Lotteries, see :
www.NxtTracker.com...

Tosch110

  • Ex-Staff Member
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2375
    • View Profile
  • Karma: +211/-18

Hi guys,

I'm trying the plugins on version 1.5.8e

It shows Hello World correctly.  I made a directory similar to this but when I look at the starting page, it doesn't show in the "Active Plugins", showing only the "Hello World", any idea
why ?

Thanks... :)

To create a new Plugin, copy paste and rename the folder hello_world. For example: "test".
Modify to:

test/html/pages/test.html
test/html/modals/test.html
test/js/nrs.test.js
test/css/test.css

Now you can use as startpage in manifest.json what you are using in test/html/pages/test.html and test/js/nrs.test.js

See what might be missing with your plugin here:

HolgerD77

  • Core Dev
  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 299
    • View Profile
  • Karma: +49/-0

Hi guys,

I'm trying the plugins on version 1.5.8e

It shows Hello World correctly.  I made a directory similar to this but when I look at the starting page, it doesn't show in the "Active Plugins", showing only the "Hello World", any idea
why ?

Thanks... :)

Have you read the developers guide at the beginning of this thread?
NXT-AQ9F-JC4F-NCM2-4JSXZ

SwissAlps

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 446
    • View Profile
    • NxtTracker.com
  • Karma: +26/-11

Hi guys,

I'm trying the plugins on version 1.5.8e

It shows Hello World correctly.  I made a directory similar to this but when I look at the starting page, it doesn't show in the "Active Plugins", showing only the "Hello World", any idea
why ?

Thanks... :)

To create a new Plugin, copy paste and rename the folder hello_world. For example: "test".
Modify to:

test/html/pages/test.html
test/html/modals/test.html
test/js/nrs.test.js
test/css/test.css

Now you can use as startpage in manifest.json what you are using in test/html/pages/test.html and test/js/nrs.test.js

See what might be missing with your plugin here:



Thanks, you devs guys are real geniuses !  It is working now like a charm.

(I forgot the CSS rename...as I said somewhere, I am very low level in java, so if I can do it, it shows that everybody can do it  ;D ;D ;D.

You made life very simple for us  :) :))
Nxt CasinoTool : Roulette and Lotteries, see :
www.NxtTracker.com...

chevdor

  • Full Member
  • ***
  • Offline Offline
  • Posts: 165
    • View Profile
  • Karma: +19/-0

Cross posting a bit here but I guess the following link will be helpful to whoever was fighting while renaming everything everywhere and forgetting half of it (as I did :) )

https://github.com/chevdor/generator-nrs-plugin
NXT-YCLA-V44V-USJK-3GPJD
BM-2cXnA5HdtsDttGaPEAJd1oYX3zMbiKDewV

Irontiga

  • Full Member
  • ***
  • Offline Offline
  • Posts: 122
    • View Profile
    • burstcoin.info
  • Karma: +9/-4

Thanks, you devs guys are real geniuses !  It is working now like a charm.

(I forgot the CSS rename...as I said somewhere, I am very low level in java, so if I can do it, it shows that everybody can do it  ;D ;D ;D.

You made life very simple for us  :) :))

There's no java involved, only javascript ;P

Also, do we have to do all this renaming and stuff of file and what not?

Can we not just have, inside of manifest.json, fields which point to the files we're using? There could be
Code: [Select]
{
"html" : ["main.html", "responses.html"]
"js" : ["run.js", "backend/functions.js"],
"css" : ["main.css"]
}
etc. This would make the structure and code a lot cleaner imho....
« Last Edit: September 15, 2015, 01:34:30 am by Irontiga »
NXT-S27N-JBGA-J8QD-AMAT8

devlux

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 308
    • View Profile
    • Gemspace
  • Karma: +67/-2

Ubuntu Xenial
Chrome Version 49.0.2623.108 Ubuntu 16.04 (64-bit)
Firefox 45.0.1

NRS 1.8.0e and 1.7.5

Plugin API appears to be completely broken.
Changing the "Plugins Enabled/Disabled" does nothing even on logout, and reset.

I'm going to dig deeper but I think it may be the way you are persisting the change from enabled to disabled.
Hello World
Quack
etc all seem to be busted right now.  They will not enable no matter what I try.  There are errors in the console mostly related to using outdated API that are deprecated and disabled.  However most of those seem to be about someone's use of synchronous ajax.

I'm going to dig in and change whatever guard code is blocking plugins to be default enabled, see if that fixes it.
Plugins are enabled according to the login page.  Just the account seems to be where they are disabled. 
Someone should see if they can replicate please. 
Evolution NEXT D.A.C.
NXTAE:3385321989487982138 (EVOLVE)

devlux

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 308
    • View Profile
    • Gemspace
  • Karma: +67/-2

Ubuntu Xenial
Chrome Version 49.0.2623.108 Ubuntu 16.04 (64-bit)
Firefox 45.0.1

NRS 1.8.0e and 1.7.5

Plugin API appears to be completely broken.
Changing the "Plugins Enabled/Disabled" does nothing even on logout, and reset.

I'm going to dig deeper but I think it may be the way you are persisting the change from enabled to disabled.
Hello World
Quack
etc all seem to be busted right now.  They will not enable no matter what I try.  There are errors in the console mostly related to using outdated API that are deprecated and disabled.  However most of those seem to be about someone's use of synchronous ajax.

I'm going to dig in and change whatever guard code is blocking plugins to be default enabled, see if that fixes it.
Plugins are enabled according to the login page.  Just the account seems to be where they are disabled. 
Someone should see if they can replicate please.

Confirmed on this site as well  http://198.46.193.111:6876/index.html
Evolution NEXT D.A.C.
NXTAE:3385321989487982138 (EVOLVE)

devlux

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 308
    • View Profile
    • Gemspace
  • Karma: +67/-2
Evolution NEXT D.A.C.
NXTAE:3385321989487982138 (EVOLVE)

Tosch110

  • Ex-Staff Member
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 2375
    • View Profile
  • Karma: +211/-18

Found the problem and posted a temporary work around here...
https://nxtforum.org/core-development-discussion/something-is-broken-in-the-plugin-api/

Thank you for digging so deep into the code. I hope the necessary changes will soon make it into the new builds.
Pages: 1 ... 3 4 [5]  All