On Tue, Jul 14, 2009 at 12:28 PM, Loic Dachary <[email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Loic Dachary wrote: > > Hi, > > > > I've seen that shindig-1.1 is on the way. In the past few weeks > > I've worked to get shindig-1.0 working ( for a multiplayer poker > > application ) and we submitted a few patches ( reverse proxy, > > cookie handling, proxy error handing, all in JIRA ) against the > > shindig-1.0 release. How will these be handled ? When 1.1 is out, > > will I need to port them to the trunk in order for them to be taken > > into consideration ? Or will it be enough to let them as they are > > and wait for a commiter to find time to review / apply them ? > > > > Thanks in advance > For reference, these are the JIRA entries I'm refering to: > > https://issues.apache.org/jira/browse/SHINDIG-1112 > https://issues.apache.org/jira/browse/SHINDIG-1110 > https://issues.apache.org/jira/browse/SHINDIG-1106 > https://issues.apache.org/jira/browse/SHINDIG-1111 > FYI, the reverse proxy fix is a good one indeed and I'll apply once I have a free moment to review the code and port it to the trunk. The same goes for the http error code fix for the proxy handler & the change to how headers are dealt with in the signing fetcher. The cookies handling, I'm not entirely sure what the right-thing-to-do is, the proposal to define this in the spec wasn't accepted for 0.9, as such there's no clear directions on what exactly we expect it to do. On the one hand cookies are terribly useful to support, on the other hand since in some social sites all the gadgets are on the same domain, it's also a security risk. The conclusion was also that setting headers in makeRequest was undesirable and a security risk.. so that limits the usefulness of it quite a bit as well. In other words, I'm not quite sure what to do with that issue yet.
