[
https://issues.apache.org/jira/browse/SHINDIG-1870?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Minh Hoang TO updated SHINDIG-1870:
-----------------------------------
Attachment: patch
Patch for config/container.js
Could you verify if such change does not cause any effect?
> Cross-site issue as http scheme is hardcoded in some URI template in
> container.js
> ---------------------------------------------------------------------------------
>
> Key: SHINDIG-1870
> URL: https://issues.apache.org/jira/browse/SHINDIG-1870
> Project: Shindig
> Issue Type: Bug
> Reporter: Minh Hoang TO
> Attachments: patch
>
>
> Some URI templates defined in container.js has scheme hardcoded as 'http'.
> That leads to cross-site problem as we have Apache Http (configured to use
> with https) in front of Tomcat + Shindig
> Detail info:
> We have one portal application configured to access via 'https', the embedded
> shindig server using default container.js (with 'http' in some URL templates)
> runs on the same host. As our gadgets (ones using OpenSocial API) fetch
> metadata via Ajax request, the cross-site issue appears
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
