On Tue, Apr 24, 2012 at 2:12 PM, Vsevolod Fedorov
<[email protected]> wrote:
> Hi, everybody!
>
> Now, under pyjd, pyjamas images are loaded from pyjd.pyjdinitpth by
> default. Which is full path to installed pyjamas.
> This is fine when I run application from local file. But it fails when I
> try to run application from a web server (ajax-enabling mode).
ok have you specified
pyjd.setup("http://{insertserver}/{path}/{loaderfile.html";?
if you do not do this, the underlying engine simply won't know what
its XSS security context is. remember: XSS SECURITY STILL APPLIES TO
PYJD.
because it is, in fact, still the exact same web engine that is used
in web browsers.
> I can, of course, reset pyjd.pyjdinitpth manually in main module, but is
> this was done intentionally? Or may be this can be treated as a bug?
it's a bug if you can't do what you want to do (but if you've run
into XSS then that's for you to sort out)
> May be pyjd.setup call must change pyjd.pyjdinitpth somehow?
possibly, yes. maybe. bit reluctant to say yes because the proper
solution is to have the images copied into the public/ directory and
use that. i wanted to see however if it's possible to use the system
that's been created recently.
l.
