You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Zhihong Yang (JIRA)" <ji...@apache.org> on 2012/07/23 04:47:34 UTC
[jira] [Created] (SHINDIG-1822) Resouces(js,css) Requests through
the shindig /concat servlet/proxy servlet are not signed
Zhihong Yang created SHINDIG-1822:
-------------------------------------
Summary: Resouces(js,css) Requests through the shindig /concat servlet/proxy servlet are not signed
Key: SHINDIG-1822
URL: https://issues.apache.org/jira/browse/SHINDIG-1822
Project: Shindig
Issue Type: Improvement
Components: Java
Affects Versions: 2.5.0-beta2
Reporter: Zhihong Yang
Fix For: 2.5.0-beta2
Create a gadget that just has a
<Content><[CDATA[
<script src="SOME-JS-FILE.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
]]>
</Content>
During the content rewrite, the container will create a js link to the Concat servlet that includes that JS and create a css link to proxy servlet that includes that CSS.
A config option as below will be added to container.js so that URLs to the concat/proxy servlet include a security token (st=<gadet-security-token>), via this security token, the request to those js/css file from gadget can be idendified and authorized.
//Enables/Disables securiry token for js, css resources loaded by concat servlet/proxy servlet
"gadgets.admin.enableSecuryTokenForConcat" : "false",
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1822) Resouces(js,css) Requests through
the shindig /concat servlet/proxy servlet are not signed
Posted by "Zhihong Yang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1822?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Zhihong Yang updated SHINDIG-1822:
----------------------------------
Description:
Create a gadget that just has a
<Content><[CDATA[
<script src="SOME-JS-FILE.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
]]>
</Content>
During the content rewrite, the container will create a js link to the Concat servlet that includes that JS or create a css link to proxy servlet that includes that CSS.
A config option as below will be added to container.js so that URLs to the concat/proxy servlet include a security token (st=<gadet-security-token>), via this security token, the request to those js/css file from gadget can be idendified and authorized.
//Enables/Disables securiry token for js, css resources loaded by concat servlet/proxy servlet
"gadgets.admin.enableSecuryTokenForConcat" : "false",
was:
Create a gadget that just has a
<Content><[CDATA[
<script src="SOME-JS-FILE.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
]]>
</Content>
During the content rewrite, the container will create a js link to the Concat servlet that includes that JS and create a css link to proxy servlet that includes that CSS.
A config option as below will be added to container.js so that URLs to the concat/proxy servlet include a security token (st=<gadet-security-token>), via this security token, the request to those js/css file from gadget can be idendified and authorized.
//Enables/Disables securiry token for js, css resources loaded by concat servlet/proxy servlet
"gadgets.admin.enableSecuryTokenForConcat" : "false",
> Resouces(js,css) Requests through the shindig /concat servlet/proxy servlet are not signed
> ------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1822
> URL: https://issues.apache.org/jira/browse/SHINDIG-1822
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Affects Versions: 2.5.0-beta2
> Reporter: Zhihong Yang
> Fix For: 2.5.0-beta2
>
>
> Create a gadget that just has a
> <Content><[CDATA[
> <script src="SOME-JS-FILE.js" type="text/javascript"></script>
> <link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
> ]]>
> </Content>
>
> During the content rewrite, the container will create a js link to the Concat servlet that includes that JS or create a css link to proxy servlet that includes that CSS.
> A config option as below will be added to container.js so that URLs to the concat/proxy servlet include a security token (st=<gadet-security-token>), via this security token, the request to those js/css file from gadget can be idendified and authorized.
> //Enables/Disables securiry token for js, css resources loaded by concat servlet/proxy servlet
> "gadgets.admin.enableSecuryTokenForConcat" : "false",
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira