I think it's very interesting that Google is brave enough to put this app out there from a security point of view. They are letting any random stranger without registration etc., run code inside their sandbox. For example, switch to groovy mode and enter:
You'll see it fetches the web page and prints it out. So this app is now an anonymous proxy, of sorts, using Google's bandwidth to hit other sites. Of course, that is just the first thing that came into my head, but it seems to me there might be many ways someone evil could use this either directly to do bad things or to try and hack the app engine sandbox itself.
Incidentally, we support clojure, jruby, jython, beanshell and javascript in Fiji, with a nice GUI interpreter and the ability to open GUI widgets. The JVM and the publicly available JVM-implementations of all these languages makes it easy.
The lotrepl webpage, though, is a nice spin of the JVM language support. Reminds me of the much-more-powerful http://codepad.org which supports C, C++, haskell, D, Lua, OCaml, and many others.
println new URL('http://www.google.com').openConnection().inputStream.text
You'll see it fetches the web page and prints it out. So this app is now an anonymous proxy, of sorts, using Google's bandwidth to hit other sites. Of course, that is just the first thing that came into my head, but it seems to me there might be many ways someone evil could use this either directly to do bad things or to try and hack the app engine sandbox itself.