You should be able to reuse the makeRequest / Proxy classes (and their
RemoteContent fetcher dependencies) from shindig, you can find them in
shindig/php/src/gadgets/*{Proxy,Request}*.php. Either straight up extracting
those classes and intergrating them in your env, or using them to reverse
engineer what response format where should help make this workG'luck! -- Chris On Fri, Jun 26, 2009 at 2:01 AM, Andi <andreas.schuet...@navteq.com> wrote: > > Hey Chris, > > i'm currently experimenting around with that. I just created s imple > php proxy > and changed JsonRpcContainer.sendRequest that it use makeRequest > instead of makeNonProxiedRequest. > It seems to work somehow. The data is passed through as JSON and i > also get JSON data back > but it seems i have to fullfill some special JSON structure, it seems > that the response from Shindig is not enough, > i also need to send the request params back from the proxy? > > So i try to use the most of the existing code, the proxy is not my > best love but it should work for the moment. > > oh, maybe you know a simple php proxy that is already doing all that > stuff? That would help, because figuring out > whats wrong with that JSON parsin is really a pain in the .... > > About the features you mention, you are right, i don't care :-) I only > need to talk to Shindig and get data from them. > I treat Shindig as an adapter to an social platform out there. I must > take care myself about rendering the data, this is why i > don't want to and can't use the google gadget system. > > Andi > > > > On 25 Jun., 15:59, Chris Chabot <chab...@google.com> wrote: > > On Thu, Jun 25, 2009 at 2:45 PM, Andi <andreas.schuet...@navteq.com> > wrote: > > > > > Hi Chris, > > > > > thanks for your answer again, but unfortunatly i can't use Gadgets. I > > > don't want to support 2 different systems > > > of widgets and Gadgets. > > > > > So i still have to find a way to solve the XSS problem with directly > > > using the opensocial API without gadget support. > > > > I could go on all day writing examples of where 'including a bunch of > > javascript' is not going to give you an OpenSocial API, there's 30.000 > lines > > of code in shindig (per implementation) plus an additional 15.000 lines > of > > javascript code to offer the 'OpenSocial API', and just including the JS > > will not work since you'll be missing quite a few essential features that > > Apache Shindig offers, but you do not really give the impression you are > > going to care :) > > > > Anyhow to your problem, to bypass the XSS problem for makeRequest, you > need > > to create a proxy on the same domain as the server that generated your > > 'widget', and pass all calls through that; That's the only way you can do > > caching properly, and bypass the XSS problem on all popular browsers. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
