Hi everyone! Perhaps, we solve this by a different solution. I don't know whether I am right but I think this can be done. The container can set a cookie which contains the value of the ip address of the viewer in some encrypted form (like something md5 or sha1 value of the IP), this can be done by the server side script (what ever language, java or php). This value can then be passed to the app's server by the javascript when making the call to the app's server for some data.
IMO an an encrypted value is enough. I think server-side encryption is the solution to protect the user's privacy (and also from gadget authors exploiting their IP data). On Tue, Feb 26, 2008 at 7:35 AM, Kevin Brown <[EMAIL PROTECTED]> wrot > Actually, you're right -- we won't be forcing images through a proxy most > likely, so they could always use that vector if they really wanted to > steal > IPs. > > On Mon, Feb 25, 2008 at 5:57 PM, Brian Eaton <[EMAIL PROTECTED]> wrote: > > > On Mon, Feb 25, 2008 at 5:47 PM, Kevin Brown <[EMAIL PROTECTED]> wrote: > > > Caja will eliminate this in the long run (as well as my other > proposed > > way > > > to steal the IP). > > > > I'm not sure I believe this. In theory, sure. In practice I suspect > > that a policy that prevented the IP address from leaking in any > > possible way would also make it very difficult to write cool gadgets. > > > > I hope to be proved wrong, though. > > > > Cheers, > > Brian > > > > > > -- > ~Kevin > > If you received this email by mistake, please delete it, cancel your mail > account, destroy your hard drive, silence any witnesses, and burn down the > building that you're in. > -- Akash Xavier [EMAIL PROTECTED]
