You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by Ziv Horesh <zh...@gmail.com> on 2010/09/02 00:08:49 UTC
Re: [jira] Resolved: (SHINDIG-1409) Security updates to RPC
I am trying to sync with the latest shindig head and I start to get rpc
failures - rpc call from gadget to container doesn't pass through on firefox
(work fine on chrome.
Javier can you help verify?
The gadget is simple:
<Module>
<ModulePrefs title="na">
<Require feature="rpc"/>
</ModulePrefs>
<Content type="html">
<script>
function call() {
gadgets.rpc.call(null, 'foo', null, 'bar');
}
</script>
<button id="button" onClick="call()">click</button>
</Content>
</Module>
And in the container I add the code (I have simple console div):
gadgets.rpc.setRelayUrl('gadget', '
http://meron.mtv.corp.google.com:8080/gadgets/files/container/rpc_relay.html');
gadgets.rpc.setAuthToken('gadget', '6421089622916860021');
gadgets.rpc.register('foo', function() { setConsoleWithService('foo',
arguments); });gadgets.rpc.registerDefault(function() {
setConsoleWithService('default', arguments); });
When I debug it in firebug I get a null targetWin (window.parent) which I
assume is the real problem.
Thanks in advance
Ziv
On Mon, Aug 30, 2010 at 2:22 AM, Paul Lindner (JIRA) <ji...@apache.org>wrote:
>
> [
> https://issues.apache.org/jira/browse/SHINDIG-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>
> Paul Lindner resolved SHINDIG-1409.
> -----------------------------------
>
> Resolution: Fixed
>
> committed
>
> > Security updates to RPC
> > -----------------------
> >
> > Key: SHINDIG-1409
> > URL: https://issues.apache.org/jira/browse/SHINDIG-1409
> > Project: Shindig
> > Issue Type: Improvement
> > Components: Javascript
> > Affects Versions: 2.0.0
> > Reporter: Javier Pedemonte
> > Priority: Minor
> > Fix For: 2.0.0
> >
> >
> > Add security features to the RPC layer, as described here:
> >
> http://wiki.opensocial.org/index.php?title=PubSub.next_Proposals#Secure_rpc
> .
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
Re: [jira] Resolved: (SHINDIG-1409) Security updates to RPC
Posted by Bastian Hofmann <ba...@googlemail.com>.
The "new" gadgets RPC works fine here with all browsers.
Cheers
Bastian
2010/9/2 Paul Lindner <li...@inuus.com>:
> Can you get a stacktrace from firebug?
>
> samplecontainer seems to be fine for me.
>
> On Sep 1, 2010, at 3:08 PM, Ziv Horesh wrote:
>
>> I am trying to sync with the latest shindig head and I start to get rpc
>> failures - rpc call from gadget to container doesn't pass through on firefox
>> (work fine on chrome.
>> Javier can you help verify?
>>
>> The gadget is simple:
>> <Module>
>> <ModulePrefs title="na">
>> <Require feature="rpc"/>
>> </ModulePrefs>
>> <Content type="html">
>> <script>
>> function call() {
>> gadgets.rpc.call(null, 'foo', null, 'bar');
>> }
>> </script>
>> <button id="button" onClick="call()">click</button>
>>
>> </Content>
>> </Module>
>>
>> And in the container I add the code (I have simple console div):
>>
>> gadgets.rpc.setRelayUrl('gadget', '
>> http://meron.mtv.corp.google.com:8080/gadgets/files/container/rpc_relay.html');
>>
>> gadgets.rpc.setAuthToken('gadget', '6421089622916860021');
>> gadgets.rpc.register('foo', function() { setConsoleWithService('foo',
>> arguments); });gadgets.rpc.registerDefault(function() {
>> setConsoleWithService('default', arguments); });
>>
>> When I debug it in firebug I get a null targetWin (window.parent) which I
>> assume is the real problem.
>>
>> Thanks in advance
>>
>> Ziv
>>
>>
>>
>>
>> On Mon, Aug 30, 2010 at 2:22 AM, Paul Lindner (JIRA) <ji...@apache.org>wrote:
>>
>>>
>>> [
>>> https://issues.apache.org/jira/browse/SHINDIG-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>>>
>>> Paul Lindner resolved SHINDIG-1409.
>>> -----------------------------------
>>>
>>> Resolution: Fixed
>>>
>>> committed
>>>
>>>> Security updates to RPC
>>>> -----------------------
>>>>
>>>> Key: SHINDIG-1409
>>>> URL: https://issues.apache.org/jira/browse/SHINDIG-1409
>>>> Project: Shindig
>>>> Issue Type: Improvement
>>>> Components: Javascript
>>>> Affects Versions: 2.0.0
>>>> Reporter: Javier Pedemonte
>>>> Priority: Minor
>>>> Fix For: 2.0.0
>>>>
>>>>
>>>> Add security features to the RPC layer, as described here:
>>>>
>>> http://wiki.opensocial.org/index.php?title=PubSub.next_Proposals#Secure_rpc
>>> .
>>>
>>> --
>>> This message is automatically generated by JIRA.
>>> -
>>> You can reply to this email to add a comment to the issue online.
>>>
>>>
>
>
Re: [jira] Resolved: (SHINDIG-1409) Security updates to RPC
Posted by Bastian Hofmann <ba...@googlemail.com>.
The "new" gadgets RPC works fine here with all browsers.
Cheers
Bastian
2010/9/2 Paul Lindner <li...@inuus.com>:
> Can you get a stacktrace from firebug?
>
> samplecontainer seems to be fine for me.
>
> On Sep 1, 2010, at 3:08 PM, Ziv Horesh wrote:
>
>> I am trying to sync with the latest shindig head and I start to get rpc
>> failures - rpc call from gadget to container doesn't pass through on firefox
>> (work fine on chrome.
>> Javier can you help verify?
>>
>> The gadget is simple:
>> <Module>
>> <ModulePrefs title="na">
>> <Require feature="rpc"/>
>> </ModulePrefs>
>> <Content type="html">
>> <script>
>> function call() {
>> gadgets.rpc.call(null, 'foo', null, 'bar');
>> }
>> </script>
>> <button id="button" onClick="call()">click</button>
>>
>> </Content>
>> </Module>
>>
>> And in the container I add the code (I have simple console div):
>>
>> gadgets.rpc.setRelayUrl('gadget', '
>> http://meron.mtv.corp.google.com:8080/gadgets/files/container/rpc_relay.html');
>>
>> gadgets.rpc.setAuthToken('gadget', '6421089622916860021');
>> gadgets.rpc.register('foo', function() { setConsoleWithService('foo',
>> arguments); });gadgets.rpc.registerDefault(function() {
>> setConsoleWithService('default', arguments); });
>>
>> When I debug it in firebug I get a null targetWin (window.parent) which I
>> assume is the real problem.
>>
>> Thanks in advance
>>
>> Ziv
>>
>>
>>
>>
>> On Mon, Aug 30, 2010 at 2:22 AM, Paul Lindner (JIRA) <ji...@apache.org>wrote:
>>
>>>
>>> [
>>> https://issues.apache.org/jira/browse/SHINDIG-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>>>
>>> Paul Lindner resolved SHINDIG-1409.
>>> -----------------------------------
>>>
>>> Resolution: Fixed
>>>
>>> committed
>>>
>>>> Security updates to RPC
>>>> -----------------------
>>>>
>>>> Key: SHINDIG-1409
>>>> URL: https://issues.apache.org/jira/browse/SHINDIG-1409
>>>> Project: Shindig
>>>> Issue Type: Improvement
>>>> Components: Javascript
>>>> Affects Versions: 2.0.0
>>>> Reporter: Javier Pedemonte
>>>> Priority: Minor
>>>> Fix For: 2.0.0
>>>>
>>>>
>>>> Add security features to the RPC layer, as described here:
>>>>
>>> http://wiki.opensocial.org/index.php?title=PubSub.next_Proposals#Secure_rpc
>>> .
>>>
>>> --
>>> This message is automatically generated by JIRA.
>>> -
>>> You can reply to this email to add a comment to the issue online.
>>>
>>>
>
>
Re: [jira] Resolved: (SHINDIG-1409) Security updates to RPC
Posted by Paul Lindner <li...@inuus.com>.
Can you get a stacktrace from firebug?
samplecontainer seems to be fine for me.
On Sep 1, 2010, at 3:08 PM, Ziv Horesh wrote:
> I am trying to sync with the latest shindig head and I start to get rpc
> failures - rpc call from gadget to container doesn't pass through on firefox
> (work fine on chrome.
> Javier can you help verify?
>
> The gadget is simple:
> <Module>
> <ModulePrefs title="na">
> <Require feature="rpc"/>
> </ModulePrefs>
> <Content type="html">
> <script>
> function call() {
> gadgets.rpc.call(null, 'foo', null, 'bar');
> }
> </script>
> <button id="button" onClick="call()">click</button>
>
> </Content>
> </Module>
>
> And in the container I add the code (I have simple console div):
>
> gadgets.rpc.setRelayUrl('gadget', '
> http://meron.mtv.corp.google.com:8080/gadgets/files/container/rpc_relay.html');
>
> gadgets.rpc.setAuthToken('gadget', '6421089622916860021');
> gadgets.rpc.register('foo', function() { setConsoleWithService('foo',
> arguments); });gadgets.rpc.registerDefault(function() {
> setConsoleWithService('default', arguments); });
>
> When I debug it in firebug I get a null targetWin (window.parent) which I
> assume is the real problem.
>
> Thanks in advance
>
> Ziv
>
>
>
>
> On Mon, Aug 30, 2010 at 2:22 AM, Paul Lindner (JIRA) <ji...@apache.org>wrote:
>
>>
>> [
>> https://issues.apache.org/jira/browse/SHINDIG-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>>
>> Paul Lindner resolved SHINDIG-1409.
>> -----------------------------------
>>
>> Resolution: Fixed
>>
>> committed
>>
>>> Security updates to RPC
>>> -----------------------
>>>
>>> Key: SHINDIG-1409
>>> URL: https://issues.apache.org/jira/browse/SHINDIG-1409
>>> Project: Shindig
>>> Issue Type: Improvement
>>> Components: Javascript
>>> Affects Versions: 2.0.0
>>> Reporter: Javier Pedemonte
>>> Priority: Minor
>>> Fix For: 2.0.0
>>>
>>>
>>> Add security features to the RPC layer, as described here:
>>>
>> http://wiki.opensocial.org/index.php?title=PubSub.next_Proposals#Secure_rpc
>> .
>>
>> --
>> This message is automatically generated by JIRA.
>> -
>> You can reply to this email to add a comment to the issue online.
>>
>>
Re: [jira] Resolved: (SHINDIG-1409) Security updates to RPC
Posted by Paul Lindner <li...@inuus.com>.
Can you get a stacktrace from firebug?
samplecontainer seems to be fine for me.
On Sep 1, 2010, at 3:08 PM, Ziv Horesh wrote:
> I am trying to sync with the latest shindig head and I start to get rpc
> failures - rpc call from gadget to container doesn't pass through on firefox
> (work fine on chrome.
> Javier can you help verify?
>
> The gadget is simple:
> <Module>
> <ModulePrefs title="na">
> <Require feature="rpc"/>
> </ModulePrefs>
> <Content type="html">
> <script>
> function call() {
> gadgets.rpc.call(null, 'foo', null, 'bar');
> }
> </script>
> <button id="button" onClick="call()">click</button>
>
> </Content>
> </Module>
>
> And in the container I add the code (I have simple console div):
>
> gadgets.rpc.setRelayUrl('gadget', '
> http://meron.mtv.corp.google.com:8080/gadgets/files/container/rpc_relay.html');
>
> gadgets.rpc.setAuthToken('gadget', '6421089622916860021');
> gadgets.rpc.register('foo', function() { setConsoleWithService('foo',
> arguments); });gadgets.rpc.registerDefault(function() {
> setConsoleWithService('default', arguments); });
>
> When I debug it in firebug I get a null targetWin (window.parent) which I
> assume is the real problem.
>
> Thanks in advance
>
> Ziv
>
>
>
>
> On Mon, Aug 30, 2010 at 2:22 AM, Paul Lindner (JIRA) <ji...@apache.org>wrote:
>
>>
>> [
>> https://issues.apache.org/jira/browse/SHINDIG-1409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>>
>> Paul Lindner resolved SHINDIG-1409.
>> -----------------------------------
>>
>> Resolution: Fixed
>>
>> committed
>>
>>> Security updates to RPC
>>> -----------------------
>>>
>>> Key: SHINDIG-1409
>>> URL: https://issues.apache.org/jira/browse/SHINDIG-1409
>>> Project: Shindig
>>> Issue Type: Improvement
>>> Components: Javascript
>>> Affects Versions: 2.0.0
>>> Reporter: Javier Pedemonte
>>> Priority: Minor
>>> Fix For: 2.0.0
>>>
>>>
>>> Add security features to the RPC layer, as described here:
>>>
>> http://wiki.opensocial.org/index.php?title=PubSub.next_Proposals#Secure_rpc
>> .
>>
>> --
>> This message is automatically generated by JIRA.
>> -
>> You can reply to this email to add a comment to the issue online.
>>
>>