[jira] [Updated] (SHINDIG-1822) Resouces(js,css) Requests through the shindig /concat servlet/proxy servlet are not signed

[Zhihong Yang (JIRA)]

     [ 
https://issues.apache.org/jira/browse/SHINDIG-1822?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Zhihong Yang updated SHINDIG-1822:
----------------------------------

    Description: 
Create a gadget that just has a 
<Content><[CDATA[
<script src="SOME-JS-FILE.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
]]>
 </Content> 
 
During the content rewrite, the container will create a js link to the Concat 
servlet that includes that JS or create a css link to proxy servlet that 
includes that CSS.   

A config option as below will be added to container.js so that URLs to the 
concat/proxy servlet include a security token (st=<gadet-security-token>), via 
this security token, the request to those js/css file from gadget can be 
idendified and authorized. 

//Enables/Disables securiry token for js, css resources loaded by concat 
servlet/proxy servlet
"gadgets.admin.enableSecuryTokenForConcat" : "false",


  was:
Create a gadget that just has a 
<Content><[CDATA[
<script src="SOME-JS-FILE.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
]]>
 </Content> 
 
During the content rewrite, the container will create a js link to the Concat 
servlet that includes that JS and create a css link to proxy servlet that 
includes that CSS.   

A config option as below will be added to container.js so that URLs to the 
concat/proxy servlet include a security token (st=<gadet-security-token>), via 
this security token, the request to those js/css file from gadget can be 
idendified and authorized. 

//Enables/Disables securiry token for js, css resources loaded by concat 
servlet/proxy servlet
"gadgets.admin.enableSecuryTokenForConcat" : "false",


    
> Resouces(js,css) Requests through the shindig /concat servlet/proxy servlet 
> are not signed
> ------------------------------------------------------------------------------------------
>
>                 Key: SHINDIG-1822
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1822
>             Project: Shindig
>          Issue Type: Improvement
>          Components: Java
>    Affects Versions: 2.5.0-beta2
>            Reporter: Zhihong Yang
>             Fix For: 2.5.0-beta2
>
>
> Create a gadget that just has a 
> <Content><[CDATA[
> <script src="SOME-JS-FILE.js" type="text/javascript"></script>
> <link rel="stylesheet" type="text/css" href="SOME-CSS-FILE.css" />
> ]]>
>  </Content> 
>  
> During the content rewrite, the container will create a js link to the Concat 
> servlet that includes that JS or create a css link to proxy servlet that 
> includes that CSS.   
> A config option as below will be added to container.js so that URLs to the 
> concat/proxy servlet include a security token (st=<gadet-security-token>), 
> via this security token, the request to those js/css file from gadget can be 
> idendified and authorized. 
> //Enables/Disables securiry token for js, css resources loaded by concat 
> servlet/proxy servlet
> "gadgets.admin.enableSecuryTokenForConcat" : "false",

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira