----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/3334/ -----------------------------------------------------------
(Updated 2012-01-03 15:18:36.205998) Review request for shindig and Jasvir Nagra. Changes ------- Added license boilerplate to the gadget. Added Jasvir for his input. Summary ------- This is the first of a couple of gadgets I'd like to commit that can act as unit tests for testing deployment configurations, such as locked domains and security token encryption. This particular gadget simply tries to get at container information (the location) from within the gadget. In a properly configured environment this should be disallowed due to browser same-origin policy. Can anyone else think of anything that this gadget should be testing? Currently it will simply try to get at the parent window's location and then will keep lowering its domain to try to match that of the container's. Diffs (updated) ----- http://svn.apache.org/repos/asf/shindig/trunk/content/samplecontainer/examples/ContainerGadgetDomainTest.xml PRE-CREATION http://svn.apache.org/repos/asf/shindig/trunk/content/samplecontainer/examples/commoncontainer/gadgetCollections.json 1226796 Diff: https://reviews.apache.org/r/3334/diff Testing ------- Container: localhost, Gadget: localhost, Result: Fail Container: container.foobar.com, Gadget: gadgets.foobar.com, Result: Success Container: foobar.com, Gadget: gadgets.foobar.com, Result: Fail (when the container page has set document.domain to location.hostname) And I'm sure I tried some other things as well. :) Thanks, Stanton
