[OpenSocial] Re: Development environment -- allowing Orkut proxy servers through our firewall by IP

Wed, 09 Jan 2008 11:39:40 -0800 

Hi Nate,

The Orkut gadgets are hosted on gmodules.com, which can be used as a
web proxy, so it's not advisable to open your firewall to allow
access.  For example, someone could just go to

      
http://gmodules.com/ig/proxy?url=http://internalurl.youdontwantmadepublic.com

and get access to your intranet.  I've heard of developers exposing
their development applications and just internally whitelisting
against specific user IPs, but there may be other workarounds - so if
someone has found a method that they like, could they post it here?

This problem will probably be resolved once Shindig is able to serve
OpenSocial gadgets, since you'll be able to run an internal gadget
server, but I don't really have an ETA of when that will be possible.

~Arne




On Jan 7, 5:30 pm, nate <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I'm in charge setting up gadget development infrastructure at my
> company, and I have a question regarding allowing our internal
> development sandboxes to talk to Orkut's AJAX proxy servers.
>
> Is there a static list of IPs that we can reliably whitelist to pass
> through our firewall?  I need to allow an OpenSocial gadget in the
> Orkut sandbox phone home to a development version of our web
> application running in a sandbox.  Obviously, I would like the pinhole
> in the firewall to be as small as possible, so I would like to drop
> all traffic from non-Orkut IPs.
>
> Any ideas?  I have not been able to Google for this information.
>
> Also, I'd love to hear from any widget/gadget developers out there
> that have addressed this issue (my feeling is that this is not a
> terribly uncommon need).
>
> Thanks!
>
> nate
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Orkut Discussion" group.
To post to this group, send email to opensocial-orkut@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/opensocial-orkut?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to