On Jan 29, 2008 5:39 PM, Reinoud Elhorst <[EMAIL PROTECTED]> wrote: > Hi all, > > In the process of trying to make Hyves an OpenSocial container, I tried my > hand tonight at making the Hello World OpenSocial Gadget example work in > our > site, through Shindig. I ran into some small issues, which I rather > "hacked" > my way around. Now I understand that Shindig is work in progress, and > don't > blame anyone for this not being s finished product. Au contraire, I was > pleasantly surprised by how far I've come in just one night: thumbs up for > the readability and documentation of most of the code, and obviously the > lavish explanations I've been able to enjoy on this list! > > I hope someone can give some feedback on the following issues: > - I included the js and css files from the /javascript/container > directory > into the parent page. When copying the code from the sample files, there > are > some options I'm missing in the gadgets.js file. It seems to me that the > result of gadgets.container.createGadget, should have methods to set the > "nocache=1" and the security token (or just generally, everything behind > the > #). Am I thinking in the right direction here, or is this being handled in > some other way?
You're right (though there may still be 'another way' that I'm not aware of; bear in mind, though, that the gadgets.js code isn't necessarily required to generate the iframes. Feel free to do this however you like. As long as you're generating the right parameters and you have the right container side JS for handling interframe communication calls, you're a compliant gadgets server. > > - The opensocial part consists of a lot of general javascript, and some > container-specific javascript. How does shindig know where to get this > container specific javascript? Would this done in a call to the result of > gadgets.container.createGadget as well? The opensocial stuff needs a lot of work. Currently you'll basically have to implement your own opensocial-0.6 (or 0.7) feature that hooks in your site's data and rebuild the server to support it. > > - For the ifpc to work correctly, the ifpc_relay.html file has to be > present > on the same domain as the parent page is on (so, basically, your SNS > domain). Is there any documentation yet on what the security implications > of > this are? There is (although it might need to be cleaned up to remove some google proprietary stuff), but currently there's nowhere to publish it. When we have a place to publish docs, we'll get it published. > Presently, I'm at the point where pretty much everything works except for > the API calls back to the site; I wanted to make sure I was going in the > right direction with regard to the exchange of the security token. It sounds like you're going in the right direction, and you're mostly just encountering the shortcomings of what we have in Shindig right now. This should all be changing shortly.
