

Utility Mill - My Latest Site - Feedback is Appreciated - tocomment
http://utilitymill.com
I've been putting it together over the past few months.  I'm hoping it will be really useful to people one day.  Thanks in advance for any feedback.
======
ed
Wow, this is a really amazing concept, even if it's still a little rough
around the edges. I think it's going to take a while for people to see the
value here but honestly this rocks.

<braindump>

You're gonna need to support more libraries. I'm making a util to turn a page
of thumbnails into a page of inline full-sized images and am going to need re
to do it. At the very least create a whitelist of allowed imports; I'd really
like to be able to use urllib2, re, some HMTL/XML parsers, etc...

The best use of a service like this appears to me to be writing little web
clients to interact with existing web services, kinda like you're writing
shell scripts for the web. And branding aside, I think you're going to need a
new definition for "utility." It's a little too ambiguous.

I think there's a lot of potential value here but am also wondering about
possible revenue models. Maybe restrict system resources for free accounts or
offer additional libraries for premium members? Seems like this would be a
sub-optimal site to monetize through advertising.

</braindump>

~~~
tocomment
Thanks ed. I'm really glad you like it.

There are allowed utilities currently: "calendar, datetime, difflib, math,
random ,re, string, time, and urllib are already imported."

I did strip out things that connect to other websites though. I'm not sure how
I could allow outgoing connections, and still prevent a malicious user from
sending spam, or other bad things? But I'll add that down the road perhaps.

I'm aiming to change the security system so that the entire Python interpreter
is open to users within a few weeks. (I'm still not sure about outgoing
connections though).

Any ideas for the branding? Why is utility too ambiguous?

For revenue, so far I'm thinking having premium accounts someday with cool
features like download desktop app version of any utility, or standalone CGI
script.

~~~
ed
> "I did strip out things that connect to other websites though. I'm not sure
> how I could allow outgoing connections, and still prevent a malicious user
> from sending spam, or other bad things? But I'll add that down the road
> perhaps."

That's a shame. I was wondering why openurl didn't work. Why import the module
if you don't allow outgoing connections? You will have to address the spam
issue eventually but really that's almost a problem of success; focus on it
when you need to. Until then, disallowing outgoing connections is overly
restrictive and cripples what could potentially be a really cool service.

I also noticed that try...except blocks are blocked as well. Why is that?

~~~
tocomment
Good points. Maybe I'll put outgoing connections back in then. Until there are
100's of new utilities every day, I could probably keep an eye on things.

The security code I found doesn't allow try ..except, I'm not sure why. In any
case, what I'm working on right now is a way to remove most or all of the
restrictions. I'll let you know when that's up and running.

------
tocomment
This is a site I've been putting it together over the past few months. I'm
hoping it will be really useful to people one day. What do you guys think?
What would make it more useful to you? Does it explain itself?

~~~
aston
I like the general idea a lot. I assume you're shooting for a rather geeky
audience, and adding wiki stuff to coding is a pretty sweet idea.

I kind of wish that when using a utility, basically the page feels like I'm
just using that utility and that the focus isn't on utility mill itself. Think
about how Gawker media positions itself in relationship to its blogs. If you
put the main site aside and let the utilities be the forefront, you get bigger
viral possibilities since people are likely to pass around a util just because
it's handy (rather than passing around util mill). Some steps towards this
would be giving utils nice, top level paths (no /utility/) and designing the
page so that the non-utility stuff is in a non-imposing frame around it rather
than being relatively large.

~~~
tocomment
That's a good idea to put the focus more on the utility. Perhaps someday I
could even let people put their logo, and styles on utilites? I also wonder if
providing widgetized versions of the utilities might also promote viral
possibilities? (That's on my list)

~~~
waleedka
Nice idea. But allow me easy integration with my web site. For example, give
me the option to get the utility inputs without any of the logos or text
around them. This way, I can link to it from an IFrame on my site and it looks
like it's part of my page. Could be very useful to create data collection
forms, especially if you also allow a small storage APIs so I can save the
form inputs.

~~~
tocomment
Good point. That's pretty much how I'm envisioning the widgets would work.
Maybe with a very small logo? Or maybe not.

Data collection would be trickier since so far I'm seeing that as outside the
scope of a utility. I'm trying to avoid making it into a general purpose
build-a-web-app site since I don't want a huge learning barrier for new users.
I could be wrong though, maybe that is what people want.

------
runningskull
Making adding inputs AJAX-ified (sorry for the buzzword) would make it quite a
bit more usable. Other than that, great site. I'm sure I'll be finding more
and more uses for this...

~~~
tocomment
I'm looking forward to seeing what uses you find. Let me know any feedback you
have along the way. If something is confusing or you're stuck without some
feature, let me know right away.

For the AJAX, how do you see that working? I guess you're talking about the
input builder on the utility editing page?

------
intellectronica
Server error!

The server encountered an internal error and was unable to complete your
request. Either the server is overloaded or there was an error in a CGI
script.

If you think this is a server error, please contact the webmaster. Error 500
utilitymill.com Tue Oct 2 19:07:13 2007 Apache/2.0.59 (Unix) mod_ssl/2.0.59
OpenSSL/0.9.8c DAV/2 mod_fastcgi/2.4.2 PHP/5.2.3 SVN/1.4.4

~~~
tocomment
Yeah, it's still in the prototype stage. I'll see what error it hit. I'm
guessing it's something related to your trying to call the print statement
999,900 times :-)

When working correctly it should kill running code after 2 seconds of runtime.
(Perhaps it needs a maximum response size too)

------
omouse
How are you ensuring that the input is safe? I just tried `import
sys;sys.exit(0)` and got an error message thankfully :)

~~~
tocomment
Good question. I run the code first through a parser that (hopefully) removes
all unsafe elements like file, and import. It was a Python cookbook recipe I
found.

If the site gets more popular, I'd like to switch to running an unrestricted
interpreter in a chroot jail so users will have access to the full power of
Python and third party libraries like PIL.

------
altay
Wow, this is a really cool idea! I'd add some stuff about the API interface to
the screencast. To me, that's the most interesting part.

FYI, I get a server error when I try the Run Utility example at
<http://www.utilitymill.com/help/api>

~~~
tocomment
I'm hearing a lot that the API is the most interesting part. I'm curious why
that is. I figured it was more like a bonus feature when I added it. Any
ideas?

I'll have to make some more screencasts when I get a chance, including the
API.

BTW, I fixed the API error you were having. Sorry about that.

~~~
ed
The API is interesting (to me at least) because it allows you to write glue
code between existing web API's. It would be really cool to chain (pipe)
Utilities, too.

Sounds pretty similar to Yahoo Pipes. On the other hand, this site actually
works.

~~~
tocomment
Yahoo pipes doesn't work?

------
apgwoz
One possible feature is to create a web service interface to using the
utilities, maybe over XML-RPC or something.

~~~
tocomment
It has that <http://www.utilitymill.com/help/api>

Is it not obvious from the main page, or did you have something else in mind?
I went with a more RESTful like approach than XML-RPC, basically copying the
del.icio.us API design (XML and JSON)

~~~
apgwoz
Oh, perfect. I missed it. I would expect to see something like this on the
page for the utility though. Maybe in a section, "Find out how you can call
this utility from your programs!"

This is a great site. I look forward to seeing it's progression.

~~~
tocomment
Very good point. Every utility should provide information on how to access it
via the API. I'll put that on my todo list.

Glad you like it.

------
gsiener
Great idea, nice start. What are your thoughts on the SLA?

~~~
tocomment
How do you mean?

------
bdr
suggest "collaborators" instead of "collaberators", "ineffable" instead of
"effable"

~~~
tocomment
Thanks

