Thanks for all your answers.. I overthought your ideas and in the end I
decided to use mod_mono on the same host. Seems to be way more stable
than xsp2.
Regards, Tim
Helder Magalhães wrote:
>
> Derrell Lipman wrote:
>> Whenever you attempt to work with multiple ports or servers, you're
>> asking for trouble.
>>
>
> Derrel is right. Using different ports will force you to use «special
> tricks»... The proxy approach seems allot more cleaner and likely to work
> better in the future (browser's security is getting tighter over time).
>
> On the other hand, if you really must use the other approach, I've used
> "netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead')"
> to accomplish this in the past and it should work. Note that «Privileges are
> granted only in the scope of the requesting function» [1] so you must enable
> the privilege just before the server connection is performed (i.e., in the
> same scope as "callAsync" [2]). I haven't tested this using qooxdoo RPC
> infrastructure, though...
>
> Finally, could/should this ("UniversalBrowserRead" privilege support) be
> integrated into the framework? I'm not sure about this, as this may raise
> several security issues (the user really must trust the application to allow
> such setting) and alarmist dialogs will be shown to the user. Nevertheless,
> this would allow using cleaner XHR approach for many cases where (I'm
> assuming) script transport is being used.
>
>
> Helder Magalhães
>
> [1] http://www.mozilla.org/projects/security/components/signed-scripts.html
> [2] http://demo.qooxdoo.org/current/apiviewer/#qx.io.remote.Rpc~callAsync
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
qooxdoo-devel mailing list
qooxdoo-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qooxdoo-devel
