Sorry for the spam, one other thought. Do you have any other script tags that match this regex in your page, Doug? We might be finding the wrong one that doesn't have the container query param on it.
Thanks, -Stanton From: Stanton Sievers/Westford/IBM To: [email protected], Date: 06/07/2012 15:15 Subject: Re: Issue with container and security tokens in beta2 Henry, I think it does match. I executed the folllowing in my firebug console and it returned true: /.*gadgets\/js\/.*container.*[.]js.*[?&]c=1(&|$).*/.test(" http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userprefsui:rpc.js?nocache=1&c=1&debug=1&container=oclc "); Doug, can you ensure that your tokens have the correct container in them? Thanks, -Stanton From: Henry Saputra <[email protected]> To: [email protected], Date: 06/07/2012 14:55 Subject: Re: Issue with container and security tokens in beta2 Actually its maybe in the init.js function initializeGlobalVars() Looks like the URL http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userpr efsui:rpc.js?nocache=1&c=1&debug=1&container=oclc does not contain the expected pattern /.*gadgets\/js\/.*container.*[.]js.*[?&]c=1(&|$).*/ - Henry On Thu, Jun 7, 2012 at 9:30 AM, daviesd <[email protected]> wrote: > In beta1 I use to see the following flow. > > Request the javascript using container=oclc > > http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userpr > efsui:rpc.js?nocache=1&c=1&debug=1&container=oclc > > The iframe request would then look as follows > > http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/ifr?url=https%3A%2F%2Fw > orldkat.qa.oclc.org%2Fgallery%2Fgadgets%2F40%2Fxml&container=oclc&view=defau > lt&lang=en&country=US&debug=0&nocache=1&sanitize=0&v=584fb331f9d4272d7164ccf > e49e0569c&st=oclc%3ATOKEN&testmode=0&parent=http%3A%2F%2Focwms.worldkat.qa.o > clc.org&mid=0 > > Notice that the container is CORRECT (oclc). For length purpose I did not > show the entire length of our security token (it¹s long) so I just put > TOKEN. > > In beta2 I see > > http://platform.oclc.org:8080/opensocial/gadgets/ifr?url=http%3A%2F%2Fplatfo > rm.oclc.org%3A8080%2Fopensocial-demo%2Fgadgets%2Fsettitle.xml&container=defa > ult&view=default&lang=en&country=US&debug=0&nocache=0&sanitize=0&v=1545d7ce1 > 25d3b0f296d91751cbba444&st=%25st%25&testmode=0&parent=http%3A%2F%2Fplatform. > oclc.org%3A8080&mid=0#rpctoken=147042121 > > Notice the container is WRONG (default) and that the ST param is null > because when it went to lookup the crypter for the container it was not > found (I¹m not sure why default isn¹t found... Still checking on that). If > I hardcode OCLC at > > BlobCrypter crypter = crypters.get(aToken.getContainer()); > > In BlobCrypterSecurityTokenCodec when it does the crypter lookup then > everything works fine. > > Does anyone have any ideas what may have changed and where to look? > > doug >
