Ultimately I think the renderer should prefetch this stuff from the app data server, and we should use short-lived security tokens passed to the renderer for it.
Orkut has been experimenting with some preloading stuff on their sandbox (you can see it in action by visiting the sandbox). It's difficult to do right, easy to screw up, and easy to introduce security vulnerabilities. Having the rendering server talk to the app data server to get this data for gadgets that are likely to want it seems natural. If the opensocial js was more modular, we could probably develop pretty good heuristics for which data needs to be preloaded. We lose iframe caching, but I think that's a minor concession. On Mon, Apr 7, 2008 at 1:20 PM, Paul Lindner <[EMAIL PROTECTED]> wrote: > I¹m going to implement prefetching of OWNER/VIEWER from the parent page > for > shindig¹s jsoncontainer.js. If anyone here has already started work on > this > feature let me know.. > > Paul > Hi5 > > -- ~Kevin
