On Wed, Jul 23, 2008 at 8:43 AM, Andreas Junghans <
[EMAIL PROTECTED]> wrote:
> Hi Philipp,
>
> Am 23.07.2008 um 14:09 schrieb Philipp Wabinski:
>
> I have another error right now. When I access my qooxdoo application via
>> http://application... evereything looks fine. But when I access it via
>> https
>> I get access denied msgs from the RPC backend.
>>
>> I use the same domain and also https for the rpc service url.
>>
>> What can that be the reason for that?
>>
>
> As long as you use the same protocol (HTTP or HTTPS) for the HTML page and
> the RPC, it's supposed to work. If it does not, I guess there's either a
> problem in the PHP backend or in your server configuration. Maybe you are
> redirecting HTTPS requests to a plain HTTP server?
>
> Derrell, can you take a look? I'm not familiar enough with the PHP backend
> to be of much help here.
With the default accessibility configuration ("domain"), the PHP backend
confirms that the request URI domain matches the referer domain (including
protocol). As long as both the original page and the services URI use https
or both don't use https, the backend should handle it fine.
The only gotcha may be if you're manually specifying a port number. We
attempt to match that, but if you're using other than port 80 for http or
port 443 for https, that code path is not well tested and may deny access
when it should be allowed.
Derrell
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
qooxdoo-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
