On 28 October 2011 14:55, Jean-Noël Colin <[email protected]> wrote: > To overcome the same-origin limitation, a widget has to proxify urls it wants > to access so that they are served by the Wookie server. > > From what we saw, proxify 'simply' calls the Wookie Proxy servlet with the > target url as parameter. Wookie than handles the connection with the server > and returns the content. > > What about cookies? If the remote url I want to reach relies on cookie, those > won't be sent, and thus, the remote service won't work properly. It is by > design or by default that this is not handled? >
This is an issue I bumped up against recently and reported at https://issues.apache.org/jira/browse/WOOKIE-251 I've not had the time to think of a solution to this problem yet, suggestions are welcome. > Another issue with this approach is that if in the reply from the remote > service there are links, those won't be proxified, thus when I click on a > button, it will invoke directly the remote site, without going through > wookie, Aren't we facing the same-origin limitation? > I'm not sure I understand the problem here. Can you give a concrete example of where same-origin would be a problem in this case. Ross
