Yes, it works under that use case. Sending it as an attachment does not interfere with legitimate use of the proxy as it does not impact img, object, embed, script, or link elements or style sheet imports.
On Wed, Jul 16, 2008 at 1:46 PM, Ropu <[EMAIL PROTECTED]> wrote: > hi > > i have a question. > > will sending proxy results as attachment work with this example? > * > Let the container cache your dynamic content* > http://code.google.com/apis/opensocial/articles/latency/#dynamic > > The gadgets.io.getProxyUrl function will return the location of the cached > version of the URL you provide, including images, JavaScript, and CSS. So > instead of using the URL of content hosted on your server, like this: > > function showImage() { > imgUrl = 'http://www.example.com/i_heart_apis_sm.png'; > html = ['<img src="', imgUrl, '">']; > document.getElementById('dom_handle').innerHTML = html.join(''); > }; > > showImage(); > > you can use the URL of the cached content, like this: > > function showImage() { > imgUrl = 'http://www.example.com/i_heart_apis_sm.png'; > *cachedUrl = gadgets.io.getProxyUrl(imgUrl);* > html = ['<img src="', *cachedUrl*, '">']; > document.getElementById('dom_handle').innerHTML = html.join(''); > }; > > > showImage(); > > > > if so, its preventing "free akamai"or phishing? > > said this, or the example is wrong (and we are limiting functionality) or > the solution is partial (or im completely mixed up :P) > > ropu > > On Fri, Jul 11, 2008 at 2:45 PM, Kevin Brown <[EMAIL PROTECTED]> wrote: > > > On Fri, Jul 11, 2008 at 2:20 AM, Karsten Beyer <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > > > > what is the suggested strategy to prevent abuse of the open proxy at > > > /gadgets/proxy? I found some old discussions from february about adding > > the > > > IP address of the user as HTTP header. Some testing however showed that > > this > > > is not yet implemented. > > > > > > Are there any plans to implement some kind of whitelist feature? More > > > importantly: Are there any reasons against implementing such a feature? > > > > > > You could always add a whitelist for outbound requests, but you'd have to > > do > > a custom http fetcher implementation. > > > > The java version is currently returning all proxied files as attachments, > > which has helped significantly with reducing the potential of > > /gadgets/proxy > > as a phishing vector or free Akamai. > > > > > > > > > > > > > > > > Best Regards, > > > > > > Karsten Beyer > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > -- > .-. --- .--. ..- > R o p u >
