Plugin Engine

A C#/VB/JScript.NET Plugin Engine was added to World Wind in version 1.3.2.

Features

 * Dynamic compilation and execution of script code written in the following languages:
 * C#
 * VB.NET
 * JSCript.net
 * Load plugins from precompiled .dll files
 * Full access to World Wind internals (same as internal code)
 * Runs at full speed (compilation on load)

Engine logic
When World Wind starts the following steps are performed:
 * The PluginCompiler scans bin\Plugins directory and the 1st level subdirectories of the plugin directory for files ending in any of the supported file extensions.
 * When it finds one it tries to compile the source (to memory) with references to the same assemblies as the app has referenced.
 * It then searches the compiled assembly for an implementation of Plugin.

Benefits

 * Since the compiler for C#,VB and JSCript comes with the .Net Framework no additional third party library is required.
 * For other languages (like J#) an install will be needed, and unfortunately I haven't found an easy way of enumerating all available compilers (before .Net 2.0)
 * Very fast on-the-fly compilation of the scripts.
 * Scripts executes with same speed as a precompiled assembly.
 * Debuggable inside World Wind project (World Wind in debug build loads internal plugins)
 * Custom dlls may be dynamically loaded

Drawbacks

 * Security: The script could wipe out the hard drive or worse. But with a script at least the user can verify the intentions by looking at the source.  Even current add-ons (layers) are often .exe installers giving the user no way of identifying evil code.
 * To unload a script's assembly from memory completely, WW needs a restarted (there are workarounds (appdomains))
 * With no nailed down limited interface into WW the script could stop working on a new version of WW.

Problems

 * Serializing generic lists (List) won't work; use a normal array or an ArrayList instead

Security Lockdown Fix
Following this example we should be able to lockdown FileIO to the AppDir

public static string ReadFile(string filename) {  string appDir = Directory.GetCurrentDirectory; FileIOPermission f = new FileIOPermission(PermissionState.None); f.SetPathList(FileIOPermissionAccess.Read, appDir); f.SetPathList(FileIOPermissionAccess.PathDiscovery, appDir); f.PermitOnly; // Use Path.GetFilePath to canonicalize the file name // Use FileStream.OpenRead to open the file // Use FileStream.Read to access and return the data }

From Code Access Security in Practice - MSDN

Code Translator
C#<->VB So no one can complain about languages. :)