[opensocial] Re: using ajax inside of a gadget
Actually... I take that back... they have to do something about security otherwise your going to have social apps potentially de- indexing webpages from websites for malware reasons... really... I just don't know... Google places restrictions on websites if they find bad scripts on them... Some anti-virus programs will stop pages from loading within your browser as well... I'm guessing if a container api had code for detecting and blocking malware... everyone would have access to the api and write different malware since it is Open... On Nov 8, 1:22 am, MrGamma [EMAIL PROTECTED] wrote: Hello Toxic, JavaScript ( Ajax ) is executed from within the browser window. Technically a container or social network serving the code could not actually stop it from executing once it was loaded into the browser window. Since an Ajax call is executed from within the clients browser nothing can stop it... A social network which is serving the application could strip snippets of code which it deemed a security risk from the app before it reached the end users browser but this would be considered hack at best and ruin the compatibility of the app itself...there is always the possiblity that they will build security modules into the container api but I really... really... doubt it... Here's a social app... I'm not sure if it's hooked into a proper OpenSocial framework but it is advertised as a real SocialGadget... http://proxy.ning.com/gadgets/index/gadgetWrapper?xark=16693486867224... On Nov 7, 11:03 pm, toxic [EMAIL PROTECTED] wrote: Someone should add the Ajax feature in the opensocial request page. I am not adding it there due to my limited knowledge about the subject. I mean , is it an ajax feature or is it something Open Social is disallowing --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups OpenSocial Developers group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~--~~~~--~~--~--~---
[opensocial] Re: using ajax inside of a gadget
Hello Toxic, JavaScript ( Ajax ) is executed from within the browser window. Technically a container or social network serving the code could not actually stop it from executing once it was loaded into the browser window. Since an Ajax call is executed from within the clients browser nothing can stop it... A social network which is serving the application could strip snippets of code which it deemed a security risk from the app before it reached the end users browser but this would be considered hack at best and ruin the compatibility of the app itself...there is always the possiblity that they will build security modules into the container api but I really... really... doubt it... Here's a social app... I'm not sure if it's hooked into a proper OpenSocial framework but it is advertised as a real SocialGadget... http://proxy.ning.com/gadgets/index/gadgetWrapper?xark=166934868672246890_148670244978679186_793122270225563994_956882894592477624_260167947525946759_501629728854833381_337133209347760492_455932372846852554_493246275766041622_767283757759854216_126370930244047427_468850696416530879_925658730339762953_91864654702371797_355476955172521177_963717042125832331_265635461776397459_761277948430893185_590208535424406663_21261096546902394_169626924981935393_325912636199642012_533092983027442574_495499201272232076_848463228319564455_744549244944910427_559898194206904055_433848770035910312_742269693664637297_3985690313027990_488638777385174424_983453243053794905_384108244593334514_223020688389458450_481608467103499207_347143717338848308_985774447602273240_726326019522249939_mode=profileorigin=OpenSocialStuff On Nov 7, 11:03 pm, toxic [EMAIL PROTECTED] wrote: Someone should add the Ajax feature in the opensocial request page. I am not adding it there due to my limited knowledge about the subject. I mean , is it an ajax feature or is it something Open Social is disallowing --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups OpenSocial Developers group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~--~~~~--~~--~--~---
[opensocial] Re: using ajax inside of a gadget
On Nov 8, 2007, at 3:50 AM, RickMeasham wrote:
On Nov 8, 1:41 pm, Chris Chabot [EMAIL PROTECTED] wrote:
Sorry for the possibly newbee question, but are we limited to using
google's _IG_FetchContent() inside of our open social gadgets, or is
it possible to use the one's from our own toolkit?
Google's _IG_Fetch* routines use their proxy for requesting document
across the domain boundary. Your prototype.js solution will only be
able to query the local domain (which will be gmodules.com) which
isn't likely to be what you want.
So that would leave us with 2 options i guess, one would be to use
something hackedie like:
http://www.mellowmorning.com/2007/11/07/updated-cross-site-ajax-plugin-for-prototype/
and the second would be to prefix al ajax calls with:
'/ig/jsonp?url='+escape('original.url')
not sure if either method is preferable, and the second one sounds
very platform specific, so i guess rewriting to IG_Fetch i go ;-(
-- Chris Chabot
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
OpenSocial Developers group.
To post to this group, send email to opensocial-api@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/opensocial-api?hl=en
-~--~~~~--~~--~--~---
[opensocial] Re: using ajax inside of a gadget
Hi, You cannot use your custom ajax call, it won't work, but ... You can use the old-fashioned way = an iframe :) This works and you can emulate an ajax call using an iframe. Regards, Ignacio. You'd then have to parse the result: you don't get back the vanilla content but instead get back data that you'd need to do googlemagic on to extract the original content Cheers! Rick Measham -- Code is like art but people loves painting something and putting it into a museum or art gallery, what happen with code then? - LETS OPENSOURCE IT If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas. Bernard Shaw --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups OpenSocial Developers group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~--~~~~--~~--~--~---
