The following paper was originally published in the Proceedings of the Sixth Annual / Workshop San Diego, California, September 14–18, 1998

WebWiseTclTk: A Safe-Tcl/Tk-based Toolkit Enhanced for the World Wide Web

Hemang Lavana and Franc Brglez North Carolina State University

For more information about USENIX Association contact: 1. Phone: 510 528-8649 2. FAX: 510 548-5738 3. Email: [email protected] 4. WWW URL:http://www.usenix.org/

WebWiseTclTk: A Safe-Tcl/Tk-based To olkit Enhanced for the

World Wide Web

Hemang Lavana Franc Brglez

CBL Collab orative Benchmarking Lab, Dept. of Computer Science, Box 7550

NC State University, Raleigh, NC 27695, USA

http://www.cbl.ncsu.edu/

tion of multimedia content on the WWW. Tcl-plugin Abstract

[7, 8] is an example of an elegant solution for em-

The WebWiseTclTk toolkit is an enhancement of the

b edding Tcl/Tk applications for ready access inside

existing feature set of Safe-Tcl and Safe-Tk that does

the Web browser. In addition, the Tcl-plugin sup-

not compromise security. The toolkit re-de nes the

p orts an excellent mechanism for security of client

load mechanism in Tcl such functionality of the auto

hosts using a padded cell approach [9]. The default

that it works for packages located anywhere on the

security p olicy prohibits Tcl applets tclets from

World Wide Web. It also re-introduces several com-

running other programs, accessing the le system,

mands not available in Safe-Tk such as toplevel

and creating toplevel windows including menus,

and menu to provide a much richer feature set of Tk

thereby giving the client hosts a high level of con -

commands. The toolkit is written entirely in Safe-

dence when executing tclets. However, such restric-

Tcl/Tk and uses the home p olicy for running appli-

tions limit the scop e of the Tcl applications executed

cations as Tcl-plugins.

inside a Web-browser.

The toolkit supports 1 creation of new Web-based

Our initial exp erience with Tcl/Tk, predating the

Tcl applications with greatly enhanced functionality,

phenomenal growth of WWW, was motivated by the

and 2 migration of existing Tcl applications to the

need to develop a user-friendly and versatile envi-

Web by merely writing an encapsulation script. We

ronment to supp ort user-recon guration of complex

demonstrate the capabilities of the WebWiseTclTk

work ows that execute heterogeneous programs and

toolkit by readily creating an encapsulation script for

data for the design of exp eriments in VLSI CAD.

Web-based execution of the Tk Widget Demonstra-

This environment, called REUBEN for reusable and

tions, distributed with the core Tcl/Tk.

recon gurable b enchmarking environment, was im-

Keywords: plugins, Web browsers, security, script-

plemented entirely in Tcl/Tk [1] and [10]. In

ing, encapsulation, GUI.

essence, it provides the user with the ability to create

directed dep endency graphs as work ows of data,

1 Intro duction

program, decision, and work ow no des. Data and

The last few years have seen an explosive growth

programs can reside anywhere on the Internet, and

of the usage of Tcl Tool Command Language

execution of all no des can be scheduled automati-

[1, 2, 3] and its p opularity can b e easily gauged by

cally, regardless of the data-dep endent cycles in the

the large numb er of p ostings in the Tcl newsgroup

graph. In its nal form, the work ows in REUBEN can

comp.lang.tcl. Scripting languages such as Tcl

be multi-cast to several collab orating sites, recorded,

are designed for `gluing' applications and encourage

and played-back for re-execution. An example of

rapid application development as compared to sys-

REUBEN environment to supp ort a number of dis-

tem programming languages, and hence are very im-

tributed and heterogeneous tasks in a VLSI CAD

p ortant for applications of the future [4]. The emer-

work ow is illustrated in Figure 1. More details are

gence of organizations such as the recently formed

available in [11,12,13].

Scriptics [5] and the Tcl/Tk Consortium [6], fo cus-

Migration of large applications, suchas REUBEN,to

ing entirely on scripting to ols, applications and ser-

the Web is not easy if highest level of con dence

vices, is an example of this trend.

in terms of security is desired. This is esp ecially

The maturity and robustness of Tcl/Tk provides a

true, b ecause toplevel windows and menus are es-

new opp ortunity to supp ort creation and presenta-

sential in such applications. One solution could b e

This researchwas supp orted by contracts from the Semi-

to use Jacl [14], an interpreter to run Tcl scripts in

conductor Research Corp oration 94{DJ{553, SEMATECH

a Java environment. Unfortunately, Jacl do es not

94{DJ{800, and DARPA/ARO P{3316{EL/DAAH04{94{

yet contain the entire feature set of Tcl, including G{2080 and DAAG55{97{1{0345.

Fig. 1. REUBEN environment consisting of several windows.

namespaces and Tk. The WebWiseTclTk to olkit pro-  Menu widgets are also disabled in Safe-Tk.

vides an easy solution for the migration of existing  Tclets do not have access to standard input and

Tcl applications to the Web. Minimal changes are standard output.

required in the original application. Our approach

The Tcl-plugin supp orts multiple security p olicies so

uses an encapsulating script to call the main script

that the tclets can p erform any of the functionality

of the original application.

describ ed ab ove. However, this requires every client

This pap er is organized into the following sections:

host to devise and customize their security p olicies

2 motivation; 3 WebWiseTclTk architecture; 4

for every application b efore accessing these as tclets.

implementation of WebWiseTk; 5 implementation

of WebWiseTcl; 6 user's guide; 7 's

It is desirable that the Tcl applications be easily

guide; 8 software status and availability; and 9 translated into tclets and made readily available on

conclusions. the World Wide Web:

 without requiring any ma jor changes in the ap-

2 Motivation

plication co de, and

 without requiring any sophisticated security p ol-

A large application, written in Tcl, typically con-

sists of a short main script and a library of supp ort icy to run the tclet.

scripts. Applications start up quickly by invoking

Wehave develop ed the WebWiseTclTk to olkit as an

the main script. As new features are accessed, the

enhancement to the Tcl-plugin that makes use of the

co de that implements them is loaded automatically,

home policy only. The home policy is, by default,

using the auto load mechanism available in Tcl. A

enabled in the Tcl-plugin and hence applications us-

complex environment suchas REUBEN, describ ed ear-

ing WebWiseTclTk do not require the host clients to

lier and illustrated in Figure 1, requires that a num-

mo dify their existing security p olicies.

b er of windows b e created during its runtime.

The Tcl-plugin, based on Safe-Tcl, restricts running

We decided to use the Tk widget demonstrations,

such large applications inside a Web-browser. A few

distributed with the core Tcl/Tk, as a test-b ench

of these restrictions are listed b elow:

for testing the WebWiseTclTk to olkit. We chose

to translate these demos for the World Wide Web load scheme fails, unless the application  Auto

b ecause they cover most of the commands of the package is installed on the client host. Another alter-

core Tcl/Tk that are otherwise unavailable in Safe- native is to merge all the scripts in the application

Tcl/Tk. Figure 2 shows the result of p osting these into a single script which can be downloaded as a

demos on the Web and executing them on a host tclet.

clientasatclet using the Netscap e browser. We in-  Applications are restricted to a single window

vite users to try out this demo and send us comments since the command toplevel is not available in Safe-

on its features and p erformance. Tk and new windows cannot b e created.

Fig. 2. Tcl/Tk widget demos on the Web.

3 Architecture Figure 3a shows the general architecture that

load mechanism. Sp ecial implements the auto

cases of the generalized architecture are shown in

The to olkit WebWiseTclTk consists of two parts: 1

Figures3b,  and  and describ ed b elow:

WebWiseTcl which is an enhancement for Safe-Tcl

1. Typical client host, downloading a tclet from a and is useful for applications that do not require

Web server, has only the Tcl-plugin installed for its display, and 2 WebWiseTk which is an enhancement

Web-browser. The server site provides not only the for Safe-Tk for applications requiring display. The

tclet scripts but also the WebWiseTclTk to olkit as to olkit itself consists of several smaller scripts and

shown in Figure 3b. The client host downloads uses the mo di ed auto load mechanism designed for

the main script for the tclet which requests to use WebWiseTclTk. WebWiseTclTk Toolkit CBL's Web Site Software Repository

policy \ WebWiseTclTk Tcl Plugin

Tclet Client Host Web Browser Web Server Incorporates Tclets policy home

WebWiseTclTk Toolkit WebWiseTclTk Tclet Toolkit

Scripts

a Generalized architecture.

Tcl Tcl Plugin Plugin

Client Host Client Host Tclet Tclet Web Browser Web Browser Web Server Web Server Incorporates Tclets policy home Incorporates Tclets policy home

WebWiseTclTk Toolkit

Tclet WebWiseTclTk Scripts Tclet Toolkit

Scripts

b WebWiseTclTk to olkit on the Web server.

c WebWiseTclTk to olkit on the client host.

WebWiseTclTk Toolkit CBL's Web Site

Software Repository

Typical scenario of a tclet execution:

Client host visits the Web server. policy \ 1.

WebWiseTclTk Tcl

Main tclet script is downloaded to client

Plugin 2. host. Tclet Client Host

Web Browser

WebWiseTclTk to olkit is loaded and initial- Web Server 3.

Incorporates Tclets policy home

lized.

4. Main tclet script executes.

5. Individual tclet scripts are downloaded as

Tclet and when required.

Scripts

d WebWiseTclTk to olkit on the CBL site.

Fig. 3. Architecture for WebWiseTclTk to okit.

home policy. If the client host has not disabled

the WebWiseTclTk Preferences

the home policy, then the main script downloads

Area for

the initialization script of the WebWiseTclTk to olkit

er site. Once the initialization has com-

from the serv displaying

load mechanism is mo di ed to dy-

pleted, the auto Application Workspace window wnload the remaining scripts of the ap-

namically do consiting of several windows icons

as and when needed during execution of

plication (Canvas widget) (Text

the tclet.

Widget)

2. In the second case, shown in Figure 3c, the

client host has lo cally installed the WebWiseTclTk

to olkit. The main script of the downloaded tclet uses

vailable to olkit and visits the server site

the lo cally a On-line help window

only to retrieve its other scripts. Thus, this results

in faster execution of the tclet co de.

Fig. 4. Layout windowofWebWiseTk to olkit.

3. In the third case, shown in Figure 3d, the

WebWiseTclTk to olkit is neither available on the

server site nor is it installed on the client host. It

used to display its hidden area. The scrollregion of

is available at the software rep ository site at CBL.

the is initialized to 1000  1000 pixels, but

This requires the client host to install a sp ecial Web-

may b e resized using the preferences option on the

WiseTclTk policy that allows the tclets to download

top right corner.

scripts not only from its server site but to also down-

 A text widget is used to display button icons for

load the to olkit from the CBL site. This mechanism

all windows that have b een created, including those

has the advantage of always using the latest version

windows that have b een iconi ed.

of the WebWiseTclTk to olkit.

Several other widgets are shown, such as the On-

The generalized architecture allows the main tclet

line help window, scrollbars for the canvas and text

script to dynamically use one of the ab ove three

widgets, and preferences to con gure the size of the

mechanisms, based on the con guration of the client

canvas widget.

host.

Toplevel. The ability to create a detached window,

We next describ e the implementation details of the

as provided by the command toplevel,isvery use-

two packages WebWiseTk and WebWiseTcl.

ful for GUI applications of even mo derate complex-

ity. We de ne a pro cedure called toplevel which

makes use of the command frame to create a de-

4 WebWiseTk

tached window and display it on the canvas widget.

Several Tk commands are hidden in Safe-Tk to pre-

For every toplevel window, a set of several frames is

vent denial of service attacks against the host sys-

created, as shown in Figure 5.

tem. This, however, limits the scop e of the Tcl-

This gives the lo ok and feel of a real window that

plugin to very simple applications consisting of a

would have, otherwise, b een created by the window

single window only.

manager of the lo cal host system. The frames are

We prop ose to overcome these limitations as follows:

laid out using the grid geometry manager. Each

 re-intro duce several of the hidden commands in

frame serves a sp ecial purp ose:

Safe-Tk,

 The frames on the b order have a default color

 use existing commands that are already available

and an active color which is highlighted whenever

in Safe-Tk, to de ne re-intro duced commands,

the mouse cursor moves inside a window. This helps

 change the implications of a few commands, such

the user to identify the window that is currently ac-

as "grab -local" and "grab -global".

tive. These frames are also useful for changing the

The following sub-sections describ e the metho dology

size of the window.

used for implementation of the WebWiseTk to olkit.

 The next set of frames, just b elow the resiz-

Layout. Figure 4 shows the layout windowof the

ing frame on the top, provide several functions

WebWiseTk to olkit. It consists of two main widget

related to the window, such as kill, iconify,

frames:

maximize/restore size or display the title of the

 A canvas widget is used to display several window.

toplevel windows that may be created during the  A main frame is created in the center corresp ond-

execution of a tclet. If the toplevel window is larger ing to each toplevel window. All subsequent child

than the visible canvas area, then scrollbars maybe windows of the toplevel are packed into this frame. Resize window in both

directions simultaneously safe.

Thus, the command "grab -local $win", as de-

here, results in grabbing of a single win-

Resize window in vertical direction ned

w within the tclet co de and the command "grab

KillWindow Title Iconfiy Maximize do

-global $win" results in a grab across all the win-

ws within the tclet. This e ect of grab can b e im-

MenuBar do

plemented by asso ciating a new class of bind called

WebWiseTclTk with every window in the tclet, as fol-

lows:

$w [linsert [bindtags $w] 0 WebWiseTclTk]

Frame corresponding bindtags

, the class WebWiseTclTk has no bind scripts

to toplevel window Initially

asso ciated with any of the events. Whenever a grab

is p erformed on a window, a bind script is created

for eachevent sequence that redirects the eventto

Resize window in horizontal direction Resize window in horizontal direction

the grabb ed window. The event generate com-

is used to pro cess the event in the grabb ed

Resize window in vertical direction mand

window. Figure 6 shows a script that achieves a

Fig. 5. Implementation of a toplevel window using

global grab for a sp eci c window. A grab is re-

frames.

foreach seq $AllEventSequences {

bind WebWiseTclTk $seq "

 If the toplevel window has a Menu Bar asso ciated

 Redirect events to grab window

with it, then the menu items are packed into a frame

if {!\[string match $win* W] &&

just ab ove the main frame.

\[winfo exists $win]} {

event generate $win $seq

Having created these sets of frames, they are then

break

packed onto the canvas widget in the application

};  End of if stmt

workspace area in Figure 4 by creating a canvas item

"

};  End of foreach loop

of typ e window. This results in a restriction that

the pathname of the windowmust either b e a child

of the canvas widget or a child of some ancestor of

Fig. 6. Script to achieve a global grab on a window.

the canvas widget. Hence, the window names of ev-

ery toplevel command is translated to a new window

leased by re-initializing the bind scripts for the class

name that is a child of the canvas widget. For exam-

WebWiseTclTk to null. Variables are used to store

ple, a new toplevel window called ".w" is translated

the state of the grab command and return appropri-

to a new window name called ".c.1.w", where ".c"

ate values for queries suchas"grab current" and

is the name of the canvas widget and ".c.1" is the

"grab status".

name of a unique frame created for encapsulation

Menus. Menu widgets are as imp ortant as any

of the new toplevel window. In addition, we create

toplevel widgets in any GUI applications, since they

several bindings to manage and interact with the

allow the user to invoke a list of one-line entries

command wm, describ ed next. A binding

as and when required. The structural layout of

is also asso ciated with every toplevel frame so that

the menu widgets created using frame and other

the entire set of frames is destroyed whenever the

Tk commands is shown in Figure 7. The com-

toplevel window is destroyed.

mand menu creates a toplevel frame and di erent

Wm. The window manager command wm needs to

typ es of widgets are added inside this frame: button

be de ned as a pro cedure which manages the vari-

widgets for command entries, checkbutton widgets

ous attributes of the window created using the pro-

for check button entries, radiobutton widgets for

cedure toplevel describ ed earlier. It can b e used to

radio button entries and menubutton widgets for

change the title of the window, to iconify/de-iconify

cascaded menu entries. Separator entries are cre-

the window, or to return the state of the window.

ated using frame widgets as shown in Figure 7.

Grab. An inde nite global grab p erformed by a This structure is hidden from the displayuntil the

tclet will result in a denial of service attack since all user clicks on the menu button at the top. The

the input from the terminal would b e re-directed to implementation of the command grab, as describ ed

the tclet forever. But, if we re-de ne the implication earlier, is imp ortant and allows us to p ost the menu

of a global grab such that it a ects only the windows widget frame whenever the user clicks on the menu

created by the tclet, then it can b e considered to b e button. As the user moves the cursor over di er-

unless their window names are also trans-

Menu Button Other Buttons ... will fail,

lated to a new name ".c.1.w.b", which is in the

hy of the toplevel main frame's children.

Menu frame hierarc

e rename the existing safe commands by moving

Button 1 W

Bordered frame as a separator

them into a namespace for WebWiseTk, and de ne

Menu Button

pro cedures for them. Figure 9 shows a sam-

Radio Button 1 new

ple co de for re-de ning the command button. The wing:

Check Button 1 Radio Button 2 newly de ned pro cedure do es the follo

1. maps all the window names, in the arguments Radio Button 3

Check Button 2 passed to the pro cedure, to the corresp onding hier-

archy in the toplevel frame.

evaluates the original command button with

Cascaded menu frame 2.

mapp ed arguments. This creates a new command

"$new w" for the translated window pathname.

Fig. 7. Implementation of the command menu.

3. de nes a new pro cedure for the original window

pathname "$w" that would have b een created oth-

ent widgets in the menu frame, each widget is high-

erwise. This pro cedure, in turn, invokes "$new w"

lighted and the asso ciated command invoked if nec-

whenever it is called.

essary. Clicking on the cascaded entry results in the

4. translates the window names in the returned

p osting of another menu frame with its asso ciated

values backto original window names. This is im-

entries.

p ortant b ecause the returned values may b e directly

If the menu widget is of the typ e pulldown menuina

passed to other co de for evaluation. Example: "pack

Menubar, then the menuentries are packed into the

[button .b]".

Menubar frame that was created in the toplevel

5. returns the translated value "$new ret".

pro cedure Figure 5.

 Move original command to WebWiseTk namespace

rename button ::WebWiseTk::button-Org

 Define a new command in the global namespace

proc ::button {w args} {

 Map window names

set new_w [mapArgWindowNames $w]

set new_args [mapArgWindowNames $args]

set ret [uplevel 1 ::WebWiseTk::button-Or g \

$new_w $new_args]

 Create a proc called $w

proc ::$w {args} {

 Script to invoke command $new_w ...

Fig. 8. Standard I/O of WebWiseTclTk to olkit.

}

 Map back returned window names

set new_ret [mapRetWindowNames $ret]

Standard I/O and audio. Wehave created a sp e-

return $new_ret

cial window for standard I/O in WebWiseTclTk.Any

}

communication to the standard I/O channel by com-

mands such as puts and gets is redirected to the

Fig. 9. New de nition for command button.

sp ecial window, as shown in Figure 8. Therefore, it

is p ossible for the tclet and a user to interact through

The command bind also has to b e re-de ned. This is

the commands puts and gets.

b ecause the value of "W" in the bind script gets the

Audio commands, suchasbell, are still p otentially

real window name ".c.1.b" instead of the win-

dangerous, with the risk of pro ducing a continuous

dow name ".b" supplied by the tclet. Thus all

tone. Therefore, we de ned a pro cedure bell which

window names referred by "W" in the bind script

pro duces a visual e ect by momentarily changing

are mapp ed back appropriately, b efore invoking the

the background color of the canvas widget.

original bind script.

Safe commands. Earlier, we noticed that when-

Similarly, the command winfo is also rede ned, so

ever a toplevel window, say ".w", is created, the

that its queries, such as "winfo width", "winfo

window name is mapp ed to a new window name

children", etc., are correctly handled.

".c.1.w", corresp onding to the main frame in the

set of toplevel frames. Therefore, existing safe com- Unsafe commands. Few commands, suchas send,

mands suchasbutton with window names ".w.b" tk getOpenFile, tk getSaveFile, etc., do not p ose

mands in Safe-Tcl such that it supp orts the pack- the denial of service attacks, but are still unsafe

aging facility to automatically load scripts from the and very dangerous to the client host system since

server site of the tclet co de. We only need to app end they present other forms of security attacks. These

the lo cation of the server site, given by "getattr commands are therefore not available in WebWiseTk.

originHomeDirURL", to the auto However, it is always p ossible to use an appropri- path variable for

ate security p olicy, other than the home policy, to the auto load pro cedure to work correctly with the

enable these commands. mo di ed commands describ ed next.

Source. The lename argument for the source

Unsafe options. A few options for safe com-

command is parsed for a URL. If the lename is

mands are considered unsafe and hence not available

a URL, then it is downloaded using the command

in Safe-Tk. These include "-bitmap @filename",

"::browser::getURL filename" and its contents

"-file filename" and "-maskfile filename",

are evaluated. Otherwise, the original source com-

among others. It is p ossible to allow these options

mand is invoked, as shown in Figure 10.

on the following conditions:

1. the host system supp orts the use of the home

 Move original command to WebWiseTcl namespace

policy, and

rename source ::WebWiseTcl::source-Org

2. the sp eci ed le exists on the server site of the

 Define a new command in the global namespace

tclet co de.

proc ::source filename {

if {[string match http:* $filename]} {

In such a case, the data for the sp eci ed le-

 Evalute script downloaded from a URL

name is downloaded from the server site using the

uplevel 1 [::browser::getURL $filename]

command "::browser::getURL filename". Then

} else {

 Invoke original source command

"-file filename" or "-maskfile filename" op-

uplevel 1 ::WebWiseTcl::source-Or g $filename

tion is replaced by "-data $downloadedData" or

}

"-maskdata $downloadedData". On the other

}

hand, for the option "-bitmap @filename", a

bitmap image is rst created using the command

Fig. 10. New de nition for command source.

image. Here the replaced option is "-image [image

create bitmap -data $downloadedData]". The

Op en and close. When a lename sp eci ed for

command "image create image -file filename"

open is a URL, the sp eci ed URL is downloaded

is also replaced with "-data $downloadedData" op-

and saved on the temp orary disk space of the host

tion, after we download the data for the sp eci ed

system assigned by the home policy. Then, this le

lename from the server site. However, the option

on the lo cal disk is op ened and its channel identi er

"-data $downloadedData" exp ects the image data

returned. Corresp ondingly, when a close command

to be in base64 format. Images in other formats

is invoked for a URL, the le on the lo cal disk is not

are therefore tranlated to base64 format using the

only closed, but also deleted. These functions are

tcl-only enco ding pro cedures available in the Data

useful for op ening a le/URL in read-only mo de.

Handling Package [15]. The eno co ding pro cess is

File. Wehave re-de ned the command file so that

slow and hence for images of considerable size, one

its options dirname, join, and split return correct

should save the original images in base64 format, in-

results even when the sp eci ed lename is a URL.

stead of enco ding them on the y during execution

Pwd, cd and glob. These commands are not avail-

of the tclet.

able in Safe-Tcl. We therefore assign the URL of the

server site, given by "getattr originHomeDirURL",

5 WebWiseTcl

to b e the default working directory returned by the

command pwd. This value is stored in a variable de-

To maintain security, it is imp ortant that the un-

ned in WebWiseTcl namespace. The invo cation of

safe Tcl commands b e hidden or restricted in Safe-

the command cd then results in change of value of

Tcl. Several di erent security p olicies o ered by Tcl-

the currentworking directory stored in the variable.

plugin 2.0 are convenient and allow the application

The command glob returns a list of all matching

programmer to design tclet co des accordingly. We

URLs found under the URL given by the current

intend to make use of the home policy to enhance

working directory.

the functionality of the Safe-Tcl for WebWiseTcl.

Script libraries and packages provide an excellent

6 Users Guide

mechanism to structure an application co de into sev-

eral smaller scripts, and then dynamically load each We de ne users as those who intend to download and

script as needed. We mo dify the restricted com- view WebWiseTclTk to olkit-based Tcl-plugin appli-

cations within their Web browsers. accessible on your Web server.

csh cd /home/user/public_html /tc lets

Users can very easily and quickly familiarize them-

For example, let the URL corresp onding to this di-

selves with the WebWiseTclTk environment. Figure

rectory b e http://www.your.web.sit e/~ user /tc lets .

2 shows one such typical view of the environment

3. Gunzip and untar the to olkit

within a Netscap e browser. The layout of the en-

csh gzip -dc WebWiseTclTk-x.y.tar.gz | tar xf -

vironment is shown in Figure 4. It has two widget

4. Verify the installation by clicking visiting the

areas - the one on the left contains windows created

examples distributed with the to olkit under

by the tclet, and the one on the right displays a list

http://www.your.web.sit e/~u ser /tcl ets /

of buttons corresp onding to each iconi ed window.

WebWiseTclTk-x.y/exampl es

Both the widgets have auto scrollbars. At the b ot-

Figure 11 shows an example to encapsulate the Tk

tom, a single line help message is displayed, based on

widget demos and execute them on the Web. The

the lo cation of the mouse cursor. The size of the wid-

TkWidgetDemos.tcl script, the demos directory and

get containing the tclet windows may b e increased or

the WebWiseTclTk to olkit directory all exist in the

reduced by the user under the Preferences option.

same directory lo cation on the Web as shown b elow:

A user may also resize the canvas and the text wid-

/home/user/public_html/ tcle ts/ WebW ise TclT k-x .y/e xam ples

get areas by merely dragging the b order b etween the

\

two with a mouse cursor.

|_ TkWidgetDemos.html

|_ TkWidgetDemos.tcl Installation. It is not necessary for the users to

|_ WebWiseTclTk

install the WebWiseTclTk to olkit. The scripts in the

| \

to olkit are dynamically downloaded, as and when

| |_ DownloadToolkit.tcl

required, from the server site of the running applica-

| |_ toplevel.tcl

| ...

tion/tclet. However, for faster access, users do have

|_ demos

an option of installing the WebWiseTclTk to olkit in

\

their Tcl-plugin directory. In this case, the installa-

|_ widget

|_ arrow.tcl

tion pro cedure consists of the following:

|_ button.tcl

1. Download the latest version of the WebWiseTclTk

...

to olkit from:

http://www.cbl.ncsu.edu/ soft war e/W ebWi seT clTk .

When a user downloads the TkWidgetDemos.tcl

2. Change to the installation directory of the Tcl-

script, the script rst tries to load the WebWiseTclTk

plugin on your lo cal le system.

to olkit from the user's host system. If it succeeds,

 For local installation,

then the home policy is requested since the Tk wid-

csh cd ~/.netscape/tclplug/2. 0

get demos consist of several di erent scripts. On the

 Or, for site installation,

csh cd /usr/local/lib/netscap e/t clpl ug/ 2.0

other hand, if the WebWiseTclTk to olkit cannot b e

3. Gunzip and untar the to olkit.

loaded from the user's host system, then it is down-

csh gzip -dc WebWiseTclTk-x.y.tar.gz | tar xf -

loaded from the tclets's server site.

4. Verify the installation by visiting the test site

The variable $tk library is set to p oint to the

under http://www.cbl.ncsu.edu/ soft war e/W ebW iseT clT k.

tclets's server site so that it knows from where to

auto load the demo script. Finally, the widget

The to olkit consists of tcl-only scripts and hence

script is sourced to execute the demos.

do es not require any compilation step.

If the tclet do es not require the use of display, p ossi-

ble by setting "tk=0" in the html emb ed statement,

7 Guide

then it is also p ossible to load only the WebWiseTcl

to olkit.

We de ne programmers as those who: 1 in-

Debugging. When writing new tclets, program-

tend to write Tcl-plugin applications based on the

mers can avoid using Tcl-commands which are

WebWiseTclTk to olkit, or 2 to translate their

either not available or not yet implemented in

existing Tcl applications into tclets for execution

WebWiseTclTk to olkit. However, when converting

over the Web.

existing applications, it is very dicult to isolate

Programmers, who intend to use the WebWiseTclTk

and remove these commands in the co de. There-

to olkit for their tclets, should follow the guidelines

fore, we provide a mechanism whereby a b ox

listed b elow:

is p opp ed up whenever any unavailable or unimple-

1. Download the latest version of the WebWiseTclTk

mented command is used in the co de the rst time,

to olkit from:

as shown in Figure 12.

http://www.cbl.ncsu.edu/ soft war e/W ebWi seT clTk .

2. Change to a directory on your system that is The programmer, who is testing the tclet as a user,

 TkWidgetDemos.tcl --



set WebWisePKG WebWiseTk ;  Necessary, if the tclet requires display

set WebWisePKG WebWiseTcl ;  Use this if display is NOT required



 Get the URL for tclet's server site

if {[catch {set originHomeDirURL [string trimright [getattr originHomeDirURL] /]}]} {

 Software is invoked from the local file system NOT in a Web browser

set originHomeDirURL /home/your_path/tclets

set auto_path [linsert $auto_path 0 $originHomeDirURL/WebW ise TclT k]

package require $WebWisePKG

} else {

 Software is invoked from a Web browser

 Check whether the toolkit is available locally on the user's host system.

if {[catch {package require $WebWisePKG}]} {

 Not available - so download it from the tclet's server site.

policy home ;  Need this policy to fetch URL from the server site.

eval [::browser::getURL $originHomeDirURL/WebW iseT clT k/Do wnl oadT ool kit. tcl ]

 Now setup the package auto_load

package require $WebWisePKG

} else {

 Use the home policy, if the tclet code consists of several scripts

policy home

}

}

 Initiallize the WebWiseTk layout

WebWiseTk .webdesk

 Set tk_library, so that it can access other files in the demos directory.

set tk_library $originHomeDirURL

 Now invoke the Tk widget demos

source $originHomeDirURL/demos/ wid get

 Alternatively, if the tclet code is small, it can follow here.

 your tcl script...

Fig. 11. Main script for encapsulation of the Tk widget demos shown in Figure 2.

grammers can 1 de ne and add their own com-

mands whichmay b e unavailable, suchassend,ina

separate le, or 2 re-de ne the existing commands

by mo difying the corresp onding le to implement

their own version of the command.

For example, the commands toplevel and menu

may be re-implemented with a di erent layout to

give a native lo ok and feel on di erent platforms.

8 Exp eriences and Future Scop e

The Tcl-only implementation, mapping window

names onto a canvas ob ject, real-time conversion of

Fig. 12. Dialog b ox for unimplemented commands.

gif images to base64 format, etc results in degra-

has a choice to either ignore the generation of this

dation of p erformance. We have tried to minimize

dialog b ox, the next time the same command is used,

these e ects by mo dularizing the co de in such a fash-

or to rep eat it. A "StackTrace" button is also avail-

ion that related tcl pro cedures are clustered into sin-

able to lo cate the generation of the unimplemented

gle script les. Thus, pro cedures required for imple-

command in the co de.

mentation of the menu command are loaded only if

the command is used by the tclet co de. Another Extensibility and recon gurability. The

area of optimization is p ossible by improving the ef- WebWiseTclTk to olkit consists of several smaller

ciency of the pro cedure to map window names back scripts, sp eci cally one le for each command that is

and forth onto canvas ob jects, since this is one of the either newly de ned or re-de ned. Therefore, pro-

their tclets into several smaller scripts. Such scripts most frequently called pro cedure.

are easier to manage and dynamically loaded during

Installing a lo cal copy of the to olkit with the Tcl-

the execution of the tclet.

plugin on the client host will improve the p erfor-

While most of the commands related to denial of ser-

mance when the distance b etween the client host and

vice attacks maybeeventually restored in the Tcl-

the web-server is large. We also need to improve the

Plugin, WebWiseTclTk to olkit still o ers the ability

reliability of the to olkit by adding sucient ho oks

to con ne the tclet windows to a single display within

to handle cases when `getURL' is likely to timeout

the Web browser.

or fail under high network trac conditions.

Our rst ma jor application of WebWiseTk has b een

the intro duction of Web-based user-con gurable and

9 Software Availability and Status

executable work ows that supp ort an environment

The WebWiseTclTk to olkit describ ed is available at

functionally similar to one in REUBEN [11, 12, 13].

http://www.cbl.ncsu.ed u/s oftw are /We bWi seTc lTk . The

First demos of this capability has b een shown in the

currentversion of the to olkit is beta 1.02.

University Bo oth during the 1998 Design Automa-

Wehave successfully tested this version of the to olkit

tion Conference [16]. On-line demos are accessible

on a Sun Sparc workstation with Solaris 2.5.1 using

from http://www.cbl.ncsu.edu/demos.

Netscap e 4.0 and 3.0.

On a Windows 95/NT machine, we had to install the

References

to olkit lo cally b efore we could access tclets based on

[1] The Tcl/Tk Home Page. Published under URL

WebWiseTclTk. Also, we had to use a sp ecial p ol-

http://sunscript.sun.c om/, 1997.

[2] J. K. Ousterhout. Tcl and the Tk Toolkit. Addison-

icy that allows downloading scripts from the server

Wesley, 1994.

site using the command ::http::geturl from the

[3] B. B. Welch. Practical Programming in Tcl and Tk.

http package. This is b ecause, 1 the blo cking

Prentice Hall, 1997.

[4] J. K. Ousterhout. Scripting: Higher Level Program-

version of the command ::browser::getURL is not

ming for the 21st Century. Published under URL

supp orted in Netscap e 4.0, and 2 the command

http://scriptics.com/p eopl e/j ohn. ous terh out /-

::browser::getURL is not available under Internet

scripting.html, March 1998.

[5] Scriptics Corp oration. Published under URL

Explorer 4.0 for the Tcl-plugin. The implementation

http://www.scriptics.c om/, 1998.

of menu widgets in WebWiseTclTk is sp eci c to

[6] The Tcl/Tk Consortium. Published under URL

and hence do not function prop erly on a Windows

http://www.tclconsorti um.o rg/ , 1998.

[7] The Tcl Plugin Home Page. Published under URL

95/NT machine.

http://sunscript.sun.c om/p lug in, 1997.

Wehave also tested the to olkit successfully on a Mac

[8] J. Y. Levy. A Tcl/Tk Netscap e Plugin. Pub-

lished under URL http://sunscript.sun.com/ plu gin/ -

running under MacOS 8.0. Again, the current im-

paper.html,May 1996.

plementation of menu widgets do not work correctly

[9] J. K. Ousterhout, J. Y. Levy, and B. B. Welch.

on a Mac.

The Safe-Tcl Security Mo del. Published under URL

http://scriptics.com/p eopl e/j ohn. ous terh out /-

Some of the features of the WebWiseTclTk to olkit de-

safeTcl.ps, March 1997. Draft.

scrib ed in this pap er are not yet implemented. For

[10] D. Lib es. Exploring Expect. O'Reilly and Asso ciates,

1995.

example, in menu widgets, advanced features that

[11] H. Lavana, A. Khetawat, F. Brglez, and K. Kozminski.

are not implemented include: the accelerator op-

Executable Work ows: A Paradigm for Collab orative

tion for any of its entry is ignored, creation of clones

Design on the Internet. In Proceedings of the 34th Design

Automation Conference, pages 553{558, June 1997. Also

of menu frames using the tear-o entry is not p os-

available at http://www.cbl.ncsu.edu /pu blic ati ons/ -

sible, etc. For details of such items and current up-

1997-DAC-Lavana.

dates, please consult

[12] Amit Khetawat. Collab orative Computing on the Inter-

net. Master's thesis, Electrical and Computer Engineer-

http://www.cbl.ncsu.edu/ soft war e/W ebWi seT clTk .

ing, North Carolina State University, Raleigh, N.C., May

1997. Also available at http://www.cbl.ncsu.edu/ -

publications/1997-The sis- MS- Khet awa t.

10 Conclusions

[13] H. Lavana, A. Khetawat, and F. Brglez. Internet-based

Work ows: A Paradigm for Dynamically Recon gurable

We have demonstrated the capabilities of the

Desktop Environments. In ACM Proceedings of the

WebWiseTk to olkit by readily p osting an existing Tcl

International Conference on Supporting Group Work,

application, namely the Tk Widget Demos, as an ex-

Nov 1997. Also available at http://www.cbl.ncsu.edu/ -

publications/1997-GRO UP-L ava na.

ecutable Tclet on the Web. Since these demos cover

[14] I. K. Lam and B. Smith. Jacl: A Tcl Implementation in

most of the commands available in the main Tcl/Tk

Java. In Proceedings of the Fifth Annual Tcl/Tk Work-

interpreter, they signify the p otential usefulness of

shop, July 1997.

[15] Do cument Handling Package. Published under URL

the to olkit.

http://tcltk.anu.edu.a u/DH P/, 1997.

Intro duction of the WebWiseTcl to olkit, which uses

[16] Design Automation Conference. Published under URL

http://www.dac.com/, 1998. the home policy, enables programmers to structure