Hi Apurv, Thanks for clarifying that. Refreshing the page is ok on containers like orkut as typically any section the user visits refreshes a page by default. However, this token expiration becomes a more valid concern when one is using other AJAX based containers like iGoogle or Gmail. These containers, especially Gmail, will perform all the operations without refreshing the page. Hence, if a user logs in and tries to access the application, there is a high chance that the token has already expired (more-so because users tend to keep gmail or iGoogle open all through the day). Right now the only way to overcome this is by doing a "hard refresh" which might be annoying for a majority of the users.
Is there a more graceful solution to this problem? Can the app re-initiate the security token explicitly if it knows that the token has already expired? Your feedback on this is much appreciated. Thanks, Swapnil On Sun, Mar 8, 2009 at 10:33 PM, Apurv Gupta <[email protected]> wrote: > Hi Swapnil, > > Orkut times out the security token after an hour. So if you keep the > application open for too long, the token is invalid and makeRequest won't go > through. Try refreshing the page to get a new token. > > Thanks, > -apurv > > On Sun, Mar 8, 2009 at 11:14 PM, Swapnil Shinde <[email protected]> wrote: > >> Hi Orkut Team, >> I have been testing this for a while now and I am pretty sure at this >> point that there is a major issue with the makeRequest API. Let me explain >> it: >> >> 1. I have consistently reproduced this issue when you keep your >> application open for a long period of time maybe 20mins. >> 2. Now try to access the application, such that it makes a makeRequest API >> call to the server. >> 3. The API call fails reporting a "Bad Request". It says the server >> returned "Error 400". This is the response I get from the API call: >> >> *<HTML> >> <HEAD> >> <TITLE>Bad Request</TITLE> >> </HEAD> >> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> >> <H1>Bad Request</H1> >> <H2>Error 400</H2> >> </BODY> >> </HTML>* >> >> >> 4. However, when I check the apache access and error longs on the server >> side, I see that the API call never reached the server. >> 5. That means makeRequest API call failed on the container side, without >> even going to the server. >> 6. I have seen this issue on Orkut and Gmail containers alike. >> 7. All requests that I am making are signed requests. >> 8. The obj.text of the response is "undefined" when this issue occurs. >> >> This is the makeRequest sample code I am using: >> >> params[gadgets.io.RequestParameters.AUTHORIZATION] = >> gadgets.io.AuthorizationType.SIGNED; >> >> params[gadgets.io.RequestParameters.CONTENT_TYPE] = >> gadgets.io.ContentType.TEXT; >> >> gadgets.io.makeRequest(url, respFunction, params); >> >> >> Any idea what is going on or how I can overcome this issue? >> >> Thanks, >> Swapnil. >> >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---
