For where to put GWT files (JavaScript 'AJAX', CSS, pictures, ... ) in a safe place, I found that we can only put them in the /static directory (for correctly working). but in this way, any one can see and download them, so I thinked that any one could use this to hack my website...
but Fortunately, I found something that we call "The Same Origin Policy" in AJAX .... --------------------------------------------------------------------------------------------------------------------------------------- The Same Origin Policy: Typically you can't communicate with third-party servers from a client- side Ajax application because of the Same Origin policy applied by web browsers. This policy states that your JavaScript can only access data that shares its server origin. This is a really good thing to have. Without it, it would be possible for JavaScript from another domain running in another window to change the HTML in the current window. You could never be certain that what you were looking at actually originated from the domain shown in the browser's location field. With the policy in place, we know for sure that what we are viewing was sent by the domain we are browsing. For Ajax applications, this also means that data can't be asynchronously downloaded from other domains; we can only load data from the server from which the browser loaded the application. This is an unfortunate restriction given the wealth of web services available to Ajax applications. [From a book] ----------------------------------------------------------------------------------------------------------------------------- with this policy, we are safe :) On 2 mar, 13:29, Sekhri Lotfi <[EMAIL PROTECTED]> wrote: > THINKS that work nicely!! > > I put all files (.css and .js ) in the /static folder. > and in the template HTML file i call them: > <link type="text/css" rel='stylesheet' > href='/static/appcss.css'/> > <script language="javascript" src="/static/ > com.mycompany.project.app.nocache.js"></script> > Now my GWT application work as a template. > > but I saw that Only in the /static folder where .css and .js are > founded. > for example, if i but them in a folder called /gwt , then i use: > <link type="text/css" rel='stylesheet' href='/gwt/appcss.css'/> > I have this error: > 127.0.0.1:2265 - - [02/Mar/2008 13:18:35] "HTTP/1.1 GET /gwt/ > appcss.css" - 404 Not Found > > So, Only in the /static folder where the .css and .js files are > served ? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/webpy?hl=en -~----------~----~----~----~------~----~------~--~---
