On Fri, Jan 16, 2009 at 02:18:39PM -0800, Jordan Zimmerman wrote: > Does Shindig do appId validation for the various service APIs > (AppDataService, etc.) or do I need to do it? I'm concerned about > security and App A accessing/overwriting App B's data.
You need to do it yourself. From shindig's point of view, appId is just an opaque string.
