0

I'm looking for some solution of next problem: Now i'm developing an Rails app. I want to have possibility to code in Ruby at browser and then execute that code in my Rails app.

Are there some ready solutions?

UPD:

  1. what about code highlighting?
  2. what about Native Client?
asked Jan 19, 2012 at 8:14
10
  • 3
    is that a huge security breach that i smell ? Commented Jan 19, 2012 at 8:15
  • Native Client in C++, not ruby. Commented Jan 19, 2012 at 9:09
  • @Raynos code.google.com/p/nativeclient/source/browse/trunk/src/… Commented Jan 19, 2012 at 9:11
  • @falinsky interesting, I guess you could do it that way. But why would you want to execute ruby in a browser environment? Commented Jan 19, 2012 at 9:14
  • @Raynos actualy i need to get valid ruby code from web page and execute it server-side. though i'm not sure about native client Commented Jan 19, 2012 at 9:29

3 Answers 3

1

https://github.com/codegram/rack-webconsole

Or you could simply pass the Ruby code to the server via post and call eval eval(CODE).

You should note that especially the second way is very insecure since it gives the executing code complete access to your system.

If this really has to be done "Locking Ruby in the Safe" could help secure it.

EDIT:

For syntax highlighting take a look at Code Mirror and ACE. Both are decent source code editors with ruby support.

answered Jan 19, 2012 at 8:38
Sign up to request clarification or add additional context in comments.

Comments

1

There aren't really any real-world deployable solutions for this yet, but you might look at text/x-ruby as a proof of concept.

There's also the Cloud9 IDE which functions as a browser-based IDE, and will persist code back to your server to be run.

answered Jan 19, 2012 at 8:17

Comments

1

eval is what you are looking for. A user enters Ruby-code, which gets POSTed to your rails app. Inside your controller you will need to eval the submitted Ruby code.

But. You probably don't want this. If there really seems to be a need to evaluate and run user submitted code, you most probably will need to re-think the need for that feature. This is almost impossible to make secure. And even when you secure it from certain users, it can be exploited trough XSS; which can actually take over a server in no-time trough this "feature".

answered Jan 19, 2012 at 8:31

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.