Please read this: http://opensocialapis.blogspot.com/2007/11/improved-content-fetching-for.html
On Wed, Dec 05, 2007 at 11:01:47AM -0300, Luciano Ricardi wrote:
> I really think that some few changes on the working method of
> _IG_FetchContent() could bring some great security gains on OpenSocial until
> the OAuth be implemented.
>
> Let's take the Orkut Sandbox for an example:
>
> 1 - We received the calls from Sandbox Proxies just from 3 proxies...
> 66.249.84.15
> 72.14.195.49
> 74.125.16.6
>
> Well, so we can implement security procedures on our codes that prevent to
> deliver content to unauthorised IPs. This is a good enhancement in security,
> but we need some way to get this IP's List. We got this IP's from the access
> logs of the web server...
>
> 2 - The request that comes from the proxies is like this:
>
> "GET /gadgets/view_content.php?id_orkut=02772430860366983940&.cache=3239336552 HTTP/1.1"
>
> The id_orkut is the parameter that we put on our gadget code. The ".cache"
> is appended by the proxy server. Well, why not to append the real id of the
> gadget viewer? This could grant that the caller of _IG_FetchContent is the
> viewer of the gadget.
>
> So.... this is what I suggest for enhance the security of OpenSocial until
> OAuth be implemented:
>
> 1 - Some method to bring the IPs from the Proxy of the OpenSocial
> containers.
> 2 - Append the Id of the Viewer (or other informations) in the GET
> parameters"
>
> []s
>
> Luciano R.
>
> On Dec 4, 2007 9:37 PM, nate <[EMAIL PROTECTED]> wrote:
>
> >
> > This may or may not be obvious, but I would like to make a request
> > regarding the data that will get signed into _IG_Fretch_Content()
> > requests originating from OpenSocial containers.
> >
> > I think the primary thing that Service Provider apps will want to
> > validate is the viewer/owner relationship. To that end, it would be
> > really handy to make every _IG_Fretch_Content() request contain a
> > signed:
> > * gadget owner ID
> > * gadget viewer ID
> > * owner/viewer relationship (i.e. "friends" or "public") with
> > respect to the container
> >
> > If this info can be made non-spoofable, Service Providers can reliably
> > apply privacy settings, not to mention allow the gadget owner to set
> > privacy settings from within the container.
> >
> > Thanks for your consideration, and all your hard work.
> >
> > - nate
> >

--
Paul Lindner
hi5 Architect
[EMAIL PROTECTED]
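The source-address check proposed in the quoted message, written out in Python as an added example (not code from the thread or from any OpenSocial container). The function names are hypothetical, and the three addresses are the ones the message lists from 2007 access logs; the check covers only where the request came from, because id_orkut is set by the gadget itself.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Proxy addresses as listed in the quoted message (read from access logs in
# 2007), so they are sample data here, not a current or complete list.
SANDBOX_PROXIES = frozenset(
    ipaddress.ip_address(a)
    for a in ("66.249.84.15", "72.14.195.49", "74.125.16.6")
)


def normalize_peer(addr):
    """Parse the TCP peer address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr.strip())
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip


def check_fetch(peer_addr, request_line):
    """Return (allowed, reason, params) for one proxied gadget request.

    peer_addr must be the socket peer address, never a client-supplied
    header such as X-Forwarded-For.
    """
    try:
        ip = normalize_peer(peer_addr)
    except ValueError:
        return False, "unparseable peer address", {}
    if ip not in SANDBOX_PROXIES:
        return False, "peer is not a known container proxy", {}

    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "GET":
        return False, "unexpected request line", {}
    query = parse_qs(urlsplit(parts[1]).query, keep_blank_values=True)

    # id_orkut is written by the gadget code, so it stays caller-controlled
    # even when the request arrives from an allowlisted proxy. Reject
    # duplicates and non-numeric values; do not treat it as the viewer's id.
    ids = query.get("id_orkut", [])
    if len(ids) != 1 or not (ids[0].isascii() and ids[0].isdigit()):
        return False, "missing or malformed id_orkut", {}
    return True, "ok (source checked, id_orkut unauthenticated)", {
        "id_orkut": ids[0],
        "cache": query.get(".cache", [None])[0],
    }
```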
