Talk:Quartz Composer

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Apple Inc. (Rated Start-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Apple Inc., a collaborative effort to improve the coverage of Apple, Macintosh, iOS and related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
Checklist icon
 Low  This article has been rated as Low-importance on the project's importance scale.

What is safe?[edit]

"Custom patches using Apple's Xcode template are always considered unsafe." Does this make sense? If apple's templates are unsafe, which ones are not Pstdenis (talk) 23:09, 15 January 2009 (UTC)

  • It could probably be better phrased, but it makes some sense. It is not Apple's Xcode template ..., but Apple's Xcode template... In other words, the ones people make themselves. Mlewan (talk) 19:42, 16 January 2009 (UTC)
  • Chiming in here, at risk of some taintage: Apple's template for QC patches (included with xcode) has no provision for "safe" plugins. However, there are non-apple templates that can mark themselves as safe. One such template is the kineme one (I'm one of the developers of that template, hence the potential conflict of interest on my end) -- This reference: points to an extremely early version of this template. Feel free to clear it up as y'all see fit (or ask for more details :) Xtophyr Wright (talk) 21:14, 16 February 2009 (UTC)
  • Chiming in more, ARE there any "Quarz Composer Trojan Horses out there? QC allows one to make sub-patches that can execute (I suppose) arbitrary JavaScript code - or perhaps even Cocoa code included as a dylib or something in the QC document package (I haven't messed with it enough to know either). Even with just JS, a malicious hacker might be able to do some damage, unless QC runs the JS in a sandbox that cannot mess with the outside environment, or alerts the user IF AND ONLY if the JS tries to get information from outside the sandbox. (Grumble about Apple's arguably flawed "File Quarantining" - which will train users to just click through another "well intended but annoying" dialog. Anyway, it is NOT a "quarantine" - because there is NO way that I know of for the system to absolutely determine if a file IS safe - whether or not the USER trusts it - the whole POINT of Trojan Horses is to get the user to trust them. Now, if Apple could REALLY "quarantine" a file in a sandbox for long enough to ensure that it would NOT mess with anything that it shouldn't.. That might work) —Preceding unsigned comment added by (talk) 00:27, 5 May 2010 (UTC)

External links modified[edit]

Hello fellow Wikipedians,

I have just modified 10 external links on Quartz Composer. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

You may set the |checked=, on this template, to true or failed to let other editors know you reviewed the change. If you find any errors, please use the tools below to fix them or call an editor by setting |needhelp= to your help request.

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

If you are unable to use these tools, you may set |needhelp=<your help request> on this template to request help from an experienced user. Please include details about your problem, to help other editors.

Cheers.—InternetArchiveBot (Report bug) 18:04, 20 July 2016 (UTC)