-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/5013/
-----------------------------------------------------------
(Updated 2012-05-07 18:45:53.595406)
Review request for shindig.
Changes
-------
Added JIRA
Summary
-------
Change to io.js to send the security token as a request header on all requests.
This preserves the ability for the browser to cache the responses.
UrlParameterAuthenticationHandler, if no other token supplied on request,
checks the request header for the field
MakeRequestHandler sets the security token in all HttpRequest objects. This
change does not cause a failure if there is no token, though that could be
considered.
The makeXhrRequest logic was reordered slightly, as the opt_headers were not
included on the request if paramData was null. So for example, if the
makeRequest wanted to set opt_headers in the call parameters, but it was 'GET'
method in makeRequest, the opt_headers would not be added to the request. I
didn't come up with a reason for that restriction, and so reordered the logic
and moved the opt_headers updates to the request outside of the if (paramData
!= null) test.
This addresses bug SHINDIG-1768.
https://issues.apache.org/jira/browse/SHINDIG-1768
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.io/io.js
1332240
http://svn.apache.org/repos/asf/shindig/trunk/features/src/test/javascript/features/core.io/iotest.js
1332240
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
1304584
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
1327569
Diff: https://reviews.apache.org/r/5013/diff
Testing
-------
Existing tests passed.
Thanks,
BrianLillie
