Accessing from elsewhere than localhost
Reported by nott | October 9th, 2008 @ 07:02 PM | in 0.2
WERTi inserts the wrong link to the GWT Enhancers if used from elsewhere than localhost. It is essential that the JavaScript GWT magic is loaded from exactly the same host name that was used in the HTTP request. Otherwise, browsers will regard the JS insertion as a cross-site scripting attack and refuse the execution of the code.
Comments and changes to this ticket
-
adimit October 9th, 2008 @ 09:53 PM
- Assigned user set to “adimit”
- State changed from “new” to “open”
Have you tried adjusting
this-serverinWERTi.properties? -
nott October 10th, 2008 @ 08:04 PM
Yes, but it didn't help. Actually we do not believe this to be the right place. It must be auto-detected from the HTTP request, as you can never guarantee 100% that the hostnames match. This is now implemented in the gerunds branch in commit 0e4f4c71ffa4873b3a3b7fe8f42289374fc97753.
-
nott October 10th, 2008 @ 08:09 PM
Actually we produced a messy multiple commit catastrophe on gerunds here... arg.
-
adimit October 10th, 2008 @ 11:56 PM
OK, please inform me about the status once the mess is cleaned up :-) if not, i'll try to investigate the problem after the conditionals branch is in good ... condition.
-
adimit October 10th, 2008 @ 11:56 PM
- Milestone set to “0.2”
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
A platform for aiding second language learners through texts acquired from the Internet.
adimit
nott