container=shindig is not authenticated in any way. It's a hint about the container, but don't trust it for choosing whether to serve valuable data.
securityToken.getDomain() can be authenticated. On Mon, Dec 15, 2008 at 11:41 AM, Jamey Wood <[email protected]> wrote: > Is there some relationship between the "container" param when a gadget is > rendered (e.g. "ifr?container=shindig") and the associated SecurityToken's > domain value (e.g. "SecurityToken.getDomain())? At first glance, both seem > like ways to allow the Shindig server to customize its behavior for the > consumer in some way (such as assuming there are entirely different social > graphs for "container1" and "container2"). > > Thanks, > Jamey >
