You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Mat Mannion <M....@warwick.ac.uk> on 2010/06/10 15:21:53 UTC
Re: External libraries in JS features - should they be served though
the proxy, or output verbatim?
Ugh, never mind. This can safely be ignored - having looked at the
code it is pretty obvious that all you have to do is add inline="true"
to the <script> tag in the feature.xml file.
I'll shortly be submitting a patch to add this flag for the analytics
and com.google.analytics features.
Mat
On 10 June 2010 11:29, Mat Mannion <M....@warwick.ac.uk> wrote:
> Hi all,
>
> I've been trying to track down some issues we've been having with
> mixed content warnings. Our gadget container serves content over
> HTTPS, so when any content is loaded over HTTP, it will (depending on
> your browser) either show a warning icon (Chrome, Firefox et al) or
> display an extremely scary warning (IE) to users. IE8 is particularly
> troublesome, as the dialog is worded in such a way that the user will
> a lot of the time click "Yes", which hides all the content over HTTP.
>
> I realise (unless I am mistaken) that there's not a lot we can do
> about content that's inserted by Javascript in gadgets that don't use
> gadgets.io.getProxyUrl(), but I'm trying to eliminate content that is
> inserted by the container over HTTP.
>
> Through this, I've noticed that features that reference external
> libraries (e.g. the analytics and com.google.gadgets.analytics
> features) don't fetch the library and include them verbatim, but
> instead insert a document.write() with the <script> tag, which is
> throwing up mixed content warnings if the source library is served
> over HTTP. I'm not sure if this is intentional, or just unimplemented,
> but perhaps someone could shed some light on this?
>
> Thanks in advance,
>
> Mat
>
> --
> Mat Mannion
> Web Developer
> e-lab, IT Services
> University of Warwick
> Coventry
> CV4 7AL
>
> Tel: 024 765 74433
> Email: M.Mannion@warwick.ac.uk
>
--
Mat Mannion
Web Developer
e-lab, IT Services
University of Warwick
Coventry
CV4 7AL
Tel: 024 765 74433
Email: M.Mannion@warwick.ac.uk
Re: External libraries in JS features - should they be served though
the proxy, or output verbatim?
Posted by Paul Lindner <pl...@linkedin.com>.
I committed the patch. Just so everyone is aware -- at startup the scripts
marked inline=yes are fetched, this might cause issues for people running
behind a firewall that blocks outbound access.
On Thu, Jun 10, 2010 at 6:21 AM, Mat Mannion <M....@warwick.ac.uk>wrote:
> Ugh, never mind. This can safely be ignored - having looked at the
> code it is pretty obvious that all you have to do is add inline="true"
> to the <script> tag in the feature.xml file.
>
> I'll shortly be submitting a patch to add this flag for the analytics
> and com.google.analytics features.
>
> Mat
>
> On 10 June 2010 11:29, Mat Mannion <M....@warwick.ac.uk> wrote:
> > Hi all,
> >
> > I've been trying to track down some issues we've been having with
> > mixed content warnings. Our gadget container serves content over
> > HTTPS, so when any content is loaded over HTTP, it will (depending on
> > your browser) either show a warning icon (Chrome, Firefox et al) or
> > display an extremely scary warning (IE) to users. IE8 is particularly
> > troublesome, as the dialog is worded in such a way that the user will
> > a lot of the time click "Yes", which hides all the content over HTTP.
> >
> > I realise (unless I am mistaken) that there's not a lot we can do
> > about content that's inserted by Javascript in gadgets that don't use
> > gadgets.io.getProxyUrl(), but I'm trying to eliminate content that is
> > inserted by the container over HTTP.
> >
> > Through this, I've noticed that features that reference external
> > libraries (e.g. the analytics and com.google.gadgets.analytics
> > features) don't fetch the library and include them verbatim, but
> > instead insert a document.write() with the <script> tag, which is
> > throwing up mixed content warnings if the source library is served
> > over HTTP. I'm not sure if this is intentional, or just unimplemented,
> > but perhaps someone could shed some light on this?
> >
> > Thanks in advance,
> >
> > Mat
> >
> > --
> > Mat Mannion
> > Web Developer
> > e-lab, IT Services
> > University of Warwick
> > Coventry
> > CV4 7AL
> >
> > Tel: 024 765 74433
> > Email: M.Mannion@warwick.ac.uk
> >
>
>
>
> --
> Mat Mannion
> Web Developer
> e-lab, IT Services
> University of Warwick
> Coventry
> CV4 7AL
>
> Tel: 024 765 74433
> Email: M.Mannion@warwick.ac.uk
>