I know I can run pengines non-sandboxed, but not sure how to do it.
(yes, know about tthe security implications, handled).
I did something like that previously as follows:
:- multifile pengines:authentication_hook/3.
pengines:authentication_hook(_Request, todo_db_app, User) :-
logged_in(User), !.
pengines:authentication_hook(_Request, todo_db_app, _User) :-
throw(http_reply(forbidden(/))).
:- multifile pengines:not_sandboxed/2.
pengines:not_sandboxed(_User, todo_db_app).
:- multifile pengines:prepare_goal/3.
pengines:prepare_goal(G, G, _Opts) :-
functor(G, Func, Arity),
memberchk(Func-Arity, [add_todo-2,
list_todos-1,
remove_todo-1,
update_todo-1,
remove_completed-0]).
pengines:prepare_goal(_, fail, _).
Thanks! I’ll do this against localhost origin means logged in.
To remove sandboxing, either enable forced login (config-available/auth_http_always.pl), use (a variant) of ide.pl for using SWISH as a local secondary IDE or, if you want a public service with some additional features, write a library providing these features and declare the API as safe.
Also make sure it is safe 
P.s. The Docker for SWISH is quite far behind. Badly needs a version update.
1 Like
Update: Tagged latest SWISH with version 1.2.0 and pushed a new Docker image.
1 Like
not running swish. This is an independent service on back end (wrapper for Large Knowledge Collider)