Thank you for your inquiry. DVSR_Sarma Krovi is no longer with the firm. For immediate assistance, please contact Reception at +91-40-6639-0000.
Sincerely, The D. E. Shaw Group -- 8< --- CUT HERE -------------------------- CUT HERE --- >8 -- From: [email protected] To: [email protected] cc: Subject: svn commit: r1207899 - in /shindig/trunk: config/container.js php/test/gadgets/ContainerConfigTest.php Author: ddumont Date: Tue Nov 29 15:07:31 2011 New Revision: 1207899 URL: http://svn.apache.org/viewvc?rev=1207899&view=rev Log: Update container config values, comments. Make things easier to configure for locked domains. Modified: shindig/trunk/config/container.js shindig/trunk/php/test/gadgets/ContainerConfigTest.php Modified: shindig/trunk/config/container.js URL: http://svn.apache.org/viewvc/shindig/trunk/config/container.js?rev=1207899&r1=1207898&r2=1207899&view=diff ============================================================================== --- shindig/trunk/config/container.js (original) +++ shindig/trunk/config/container.js Tue Nov 29 15:07:31 2011 @@ -58,17 +58,6 @@ // value matching this set will return a 404 error. "gadgets.parent" : null, -// Should all gadgets be forced on to a locked domain? -"gadgets.uri.iframe.lockedDomainRequired" : false, - -// DNS domain on which gadgets should render. -// Default Uri config: these must be overridden - specified here for testing purposes -"gadgets.uri.iframe.unlockedDomain": "${Cur['defaultShindigTestAuthority']}", -// When setting up the server to enable locked domains, you should set this to something that does not -// attempt to use the authority at all. Ideally it would be another hostname that points to this server. -// Example: unlockedDomain="shindig.example.com" lockedDomainSuffix="-locked.gadgets.example.com" -"gadgets.uri.iframe.lockedDomainSuffix": "${Cur['defaultShindigTestAuthority']}", - // Origins for CORS requests and/or Referer validation // Indicate a set of origins or an entry with * to indicate that all origins are allowed "gadgets.parentOrigins" : ["*"], @@ -80,14 +69,6 @@ "gadgets.iframeBaseUri" : "${CONTEXT_ROOT}/gadgets/ifr", "gadgets.uri.iframe.basePath" : "${CONTEXT_ROOT}/gadgets/ifr", -// jsUriTemplate will have %host% and %js% substituted. -// No locked domain special cases, but jsUriTemplate must -// never conflict with a lockedDomainSuffix. -"gadgets.jsUriTemplate" : "http://%host%${CONTEXT_ROOT}/gadgets/js/%js%";, - -"gadgets.uri.js.host" : "http://www.example.com/";, -"gadgets.uri.js.path" : "${CONTEXT_ROOT}/gadgets/js", - // Callback URL. Scheme relative URL for easy switch between https/http. "gadgets.uri.oauth.callbackTemplate" : "//%host%${CONTEXT_ROOT}/gadgets/oauthcallback", @@ -115,30 +96,48 @@ "gadgets.doctype_pubid" : "", "gadgets.doctype_sysid" : "", +// In a locked domain config, these can remain as-is in order to have requests encountered use the +// host they came in on (locked host). +"default.domain.locked.client" : "%host%", +"default.domain.locked.server" : "%authority%", + +// IMPORTANT: EDITME: In a locked domain configuration, these should be changed to explicit values of +// your unlocked host. You should not use %host% or %authority% replacements or these defaults in a +// locked domain deployment. +// Both of these values will likely be identical in a real locked domain deployment. +"default.domain.unlocked.client" : "${Cur['default.domain.locked.client']}", +"default.domain.unlocked.server" : "${Cur['default.domain.locked.server']}", + +// You can change this if you wish unlocked gadgets to render on a different domain from the default. +"gadgets.uri.iframe.unlockedDomain" : "${Cur['default.domain.unlocked.server']}", // DNS domain on which *unlocked* gadgets should render. + +// IMPORTANT: EDITME: In a locked domain configuration, this suffix should be provided explicitly. +// It is recommended that it be a separate top-level-domain (TLD) than the unlocked TLD. +// You should not use replacement here (avoid %authority%) +// Example: unlockedDomain="shindig.example.com" lockedDomainSuffix="-locked.example-gadgets.com" +"gadgets.uri.iframe.lockedDomainSuffix" : "${Cur['default.domain.locked.server']}", // DNS domain on which *locked* gadgets should render. -// Authority (host:port without scheme) for the default shindig test instance. -"defaultShindigTestAuthority":"%authority%", - -// Authority (host:port without scheme) for the proxy and concat servlets. -"defaultShindigProxyConcatAuthority":"%authority%", +// Should all gadgets be forced on to a locked domain? +"gadgets.uri.iframe.lockedDomainRequired" : false, // Default Js Uri config: also must be overridden. -"gadgets.uri.js.host": "//${Cur['defaultShindigTestAuthority']}", -"gadgets.uri.js.path": "${CONTEXT_ROOT}/gadgets/js", +// gadgets.uri.js.host should be protocol relative. +"gadgets.uri.js.host" : "//${Cur['default.domain.unlocked.server']}", // Use unlocked host for better caching. +"gadgets.uri.js.path" : "${CONTEXT_ROOT}/gadgets/js", // Default concat Uri config; used for testing. -"gadgets.uri.concat.host" : "${Cur['defaultShindigProxyConcatAuthority']}", +"gadgets.uri.concat.host" : "${Cur['default.domain.unlocked.server']}", // Use unlocked host for better caching. "gadgets.uri.concat.path" : "${CONTEXT_ROOT}/gadgets/concat", "gadgets.uri.concat.js.splitToken" : "false", // Default proxy Uri config; used for testing. -"gadgets.uri.proxy.host" : "${Cur['defaultShindigProxyConcatAuthority']}", +"gadgets.uri.proxy.host" : "${Cur['default.domain.unlocked.server']}", // Use unlocked host for better caching. "gadgets.uri.proxy.path" : "${CONTEXT_ROOT}/gadgets/proxy", -//Enables/Disables feature administration +// Enables/Disables feature administration "gadgets.admin.enableFeatureAdministration" : "false", -//Enables whitelist checks +// Enables whitelist checks "gadgets.admin.enableGadgetWhitelist" : "false", // This config data will be passed down to javascript. Please @@ -149,11 +148,10 @@ // See individual feature.xml files for configuration details. "gadgets.features" : { "core.io" : { - // Note: /proxy is an open proxy. Be careful how you expose this! - // Note: Here // is replaced with the current protocol http/https - //"proxyUrl" : "//%host%${CONTEXT_ROOT}/gadgets/proxy?container=%container%%rewriteMime%&refresh=%refresh%&gadget=%gadget%/%rawurl%", - "proxyUrl" : "//%host%${CONTEXT_ROOT}/gadgets/proxy?container=%container%&refresh=%refresh%&url=%url%%rewriteMime%", - "jsonProxyUrl" : "//%host%${CONTEXT_ROOT}/gadgets/makeRequest" + // Note: ${Cur['gadgets.uri.proxy.path']} is an open proxy. Be careful how you expose this! + // Note: These urls should be protocol relative (start with //) + "proxyUrl" : "//${Cur['default.domain.unlocked.client']}${Cur['gadgets.uri.proxy.path']}?container=%container%&refresh=%refresh%&url=%url%%rewriteMime%", + "jsonProxyUrl" : "//${Cur['default.domain.locked.client']}${CONTEXT_ROOT}/gadgets/makeRequest" }, "views" : { "profile" : { @@ -276,7 +274,7 @@ "enableCaja" : false, "supportedFields" : { "person" : ["id", {"name" : ["familyName", "givenName", "unstructured"]}, "thumbnailUrl", "profileUrl"], - "activity" : ["appId", "body", "bodyId", "externalId", "id", "mediaItems", "postedTime", "priority", + "activity" : ["appId", "body", "bodyId", "externalId", "id", "mediaItems", "postedTime", "priority", "streamFaviconUrl", "streamSourceUrl", "streamTitle", "streamUrl", "templateParams", "title", "url", "userId"], "activityEntry" : ["actor", "content", "generator", "icon", "id", "object", "published", "provider", "target", Modified: shindig/trunk/php/test/gadgets/ContainerConfigTest.php URL: http://svn.apache.org/viewvc/shindig/trunk/php/test/gadgets/ContainerConfigTest.php?rev=1207899&r1=1207898&r2=1207899&view=diff ============================================================================== --- shindig/trunk/php/test/gadgets/ContainerConfigTest.php (original) +++ shindig/trunk/php/test/gadgets/ContainerConfigTest.php Tue Nov 29 15:07:31 2011 @@ -65,7 +65,6 @@ class ContainerConfigTest extends PHPUni "gadgets.parent" : null, "gadgets.uri.iframe.lockedDomainSuffix" : "-a.example.com:8080", "gadgets.iframeBaseUri" : "/gadgets/ifr", -"gadgets.jsUriTemplate" : "http://%host%/gadgets/js/%js%";, "gadgets.uri.oauth.callbackTemplate" : "//%host%/gadgets/oauthcallback" } EOD; @@ -77,7 +76,6 @@ EOD; $this->assertEquals(null, $jsonObj["gadgets.parent"]); $this->assertEquals("-a.example.com:8080", $jsonObj["gadgets.uri.iframe.lockedDomainSuffix"]); $this->assertEquals("/gadgets/ifr", $jsonObj["gadgets.iframeBaseUri"]); - $this->assertEquals("http://%host%/gadgets/js/%js%";, $jsonObj["gadgets.jsUriTemplate"]); $this->assertEquals("//%host%/gadgets/oauthcallback", $jsonObj["gadgets.uri.oauth.callbackTemplate"]); } }
