cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Oliver <res1c...@verizon.net>
Subject Re: Discussion of Flow Issues
Date Tue, 18 Mar 2003 21:29:15 GMT
Stefano Mazzocchi wrote:
>> Another possibility is to only expose the session at the Java level 
>> (not JavaScript) forcing new JavaScript objects that need access to it 
>> to be written in Java. This might prevent abuse.
> 
> 
> Hmmm, if you don't get a hook to the ObjectModel, how can you get a java 
> session object from the flow?
> 

What I meant was instead of this:

   public class JSCocoon extends ScriptableObject {

        public Session jsGet_session()  // expose session to JavaScript
         {
               ...
         }
   }


we could do this:

   public class JSCocoon extends ScriptableObject {

          public Session getSession() { // not available in JavaScript
          }

          public static Session getSession(Scriptable scope) {
                Scriptable topLevel = getTopLevelScope(scope);
                Object obj = getProperty(topLevel, "cocoon");
                return ((JSCocoon)obj).getSession();
          }
   }


Then if you need access to a Session you would have to implement a 
JavaScript object in Java, for example:


   class MyObject extends ScriptableObject {

      public String getClassName() {return "MyObject";}

      public void jsFunction_foo() {
          // I need the session:
	 Session session = JSCocoon.getSession(this);
      }
   }

Then in javascript you could do this:

var obj = new MyObject();
cocoon.session; // undefined
obj.foo(); // but foo() uses the session


Mime
View raw message