On Tue, Nov 04, 2008 at 06:24:11AM -0800, nvgigigan wrote: > > Thank it's way more clear for me now, I still got a problem, we're > using javascript to generate the iframe/iframe url and there is not > other solution for us, > do you have any idea to generate this token and give it to > javascript ? You are probably generating that javascript somewhere, right? (Because it somehow needs to change depending on the user, the app, etc) Use the same code that's doing that to generate the token and simply pass it in a variable in the JS. BTW, the token *will* be different not only for different users but also for different apps. Thus, it probably will end up being easier to generate the whole iframe URL back in the server and use the JS only to plug it into the right place in the containing page.
Even if you could get some JS code to generate the token "on the fly", it would be a pretty bad idea, because you would then need to send to the user's browser the data required to make the token, and that would make it trivial for anyone to create fake tokens. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Implementing OpenSocial Containers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-container?hl=en -~----------~----~----~----~------~----~------~--~---
