Package sandboxing

2019-07-23

You will often need to install tools on your website to extend its functionality. The first such tool is typically the IDE, which lets you edit the filesystem of your website. With the IDE, you can list all the files, read all their attributes and file contents. That’s great as long as it is only you reading all that data, but you may not want to allow everyone else to do so.

To prevent this, Boomla introduces package sandboxing: requests that hit a URL within an installed package will be sandboxed to that package, unless the visitor is the website owner.

Example scenarios

Using the IDE

The IDE is typically installed at

//example.com/sys/packages/ide.boomla.com

You will go the same address to access the IDE, generally by clicking the IDE link in your toolbar when you are logged in.

In case you are logged in as the website’s owner, the sandbox root will be //example.com, so you (and therefore the IDE) will have full access to the entire website. In this case we could say that no package sandboxing is applied.

Any other visitor, either logged on to the Boomla platform or not, will be sandboxed to the package root:

//example.com/sys/packages/ide.boomla.com

This means that the visitor will have full read access to the entire package tree, but not your website outside the package.

Using a gallery app

Let’s say you install the package gallery.boomla.net which will be mounted at

//example.com/sys/packages/gallery.boomla.net

You create a gallery instance at /gallery and set its type to a gallery app within the package, say:

//example.com/sys/packages/gallery.boomla.net/v2

Your website’s root page will display this gallery.

When a visitor loads your website root at //example.com, the gallery will be rendered by executing the gallery app within the gallery package. It will not be sandboxed to the gallery package, because the request originated outside the sandbox at //example.com.

The behavior will be identical to all visitors whether they are the website owner or an anonymous visitor.

Why

Until now, tools were hosted on external websites and marked as tools on the Control Panel which gave them cross-site access. This has been a temporary solution as it doesn’t scale very well.

While this approach is still available, it is now deprecated and will be removed in the future. Clicking the IDE link in your toolbar now will check if the IDE is already installed on your website. If not, it will take you through a next-next-finish installation flow before landing you in your IDE.

Additional benefits

  • undo/redo is now available in the IDE,
  • you can now copy/paste across your website and the IDE as they use the same clipboard,
  • the New Panel is now available in the IDE as well.


Cheers,