Return-Path: Delivered-To: apmail-myfaces-users-archive@www.apache.org Received: (qmail 5285 invoked from network); 28 Nov 2007 17:45:22 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 28 Nov 2007 17:45:22 -0000 Received: (qmail 61961 invoked by uid 500); 28 Nov 2007 17:45:06 -0000 Delivered-To: apmail-myfaces-users-archive@myfaces.apache.org Received: (qmail 61919 invoked by uid 500); 28 Nov 2007 17:45:06 -0000 Mailing-List: contact users-help@myfaces.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "MyFaces Discussion" Delivered-To: mailing list users@myfaces.apache.org Received: (qmail 61903 invoked by uid 99); 28 Nov 2007 17:45:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 28 Nov 2007 09:45:06 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of mwessendorf@gmail.com designates 209.85.146.181 as permitted sender) Received: from [209.85.146.181] (HELO wa-out-1112.google.com) (209.85.146.181) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 28 Nov 2007 17:44:44 +0000 Received: by wa-out-1112.google.com with SMTP id l24so2048722waf for ; Wed, 28 Nov 2007 09:44:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=gvJXc/cQ67Cqb7//YnMGkl+STw7Z8XQHK9z7u89j1+o=; b=QTkEyebsPnkgBdhN1v7b+JDFLw9jvgxJj1T72IvMsLa5KDRWk+C9Ox79qsQfwz+Y7aJhSNhoomFc3H34HxEdzmBYQi2yrRnBEFyhjYhI2jhZi8zrPkacL4TgVIKnSWJn++qBhpqbAoUJFFuF9+k41OUimmVXrvK/VCRnA1ESQ8M= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=hYKUHrKVqI4ibOAbtrxgvubIIMA0qPLWng+Fyq/WvMwRaQ96y5w7rLcfq46Ok6A56+XFNJjfWpBNhKDa+tddhw9mv23LaO6TplhwjiGhS9LGcTdQ6DursVQjupSVOftP4QoRGEB2ODkpiU1SGElW7guulDYDzYntR4Wez7BUhE0= Received: by 10.114.78.1 with SMTP id a1mr192124wab.1196271887339; Wed, 28 Nov 2007 09:44:47 -0800 (PST) Received: by 10.114.92.13 with HTTP; Wed, 28 Nov 2007 09:44:47 -0800 (PST) Message-ID: <71235db40711280944g6dd74f00r79857ac94618dfb5@mail.gmail.com> Date: Wed, 28 Nov 2007 18:44:47 +0100 From: "Matthias Wessendorf" Sender: mwessendorf@gmail.com To: "MyFaces Discussion" Subject: Re: Trinidad Ajax In-Reply-To: <474DA6D2.4090006@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <6AB2F728DACBB54EA203EE6736D1883A013D5F22@s3k002.hypoport.local> <71235db40711280203h616443c0pa5ae770a7b8c1cad@mail.gmail.com> <474DA6D2.4090006@gmail.com> X-Google-Sender-Auth: 815a5986946b1121 X-Virus-Checked: Checked by ClamAV on apache.org regarding IE 5.5 I think it came up here on the list, that MS isn't supporting anymore, so we also don't really :-) On Nov 28, 2007 6:35 PM, Scott O'Bryan wrote: > Jan, > > I understand that sometimes companies like this may be unwilling to > change for security reasons, but the XHR is actually a more secure > implementation. Because of the nature of iframe, you are open to may > more exploits then you will be using XHR. This is because using XHR > requires someone trying to exploit the system to familiar with the > application being used whereas in the iframe case they need to know only > that they are in a browser. > > If companies want to run in a secure environment, they really need to > not be running IE6, but rather Mozilla or IE7. As for IE 5.5, I thought > Trinidad had a minimum technical requirement of IE6 anyway. > > Scott > > > Matthias Wessendorf wrote: > > Hi Jan, > > > > yes, we switched to XHR with the release of 1.0.2 (and 1.2.2). > > There is no way to use IFrame instead of XHR. > > > > This will remain, because Ajax is pretty common these days and > > other JSF-libs have that as well. > > > > Providing an option to "fallback" might be possible, but not sure if that > > will be done. > > > > Is "IE 5.5" really still supported by M$? > > If not, I'd strongly recommend to kick that guy out. > > Sure... only the IE7 doesn't require ActiveX for XHR, but IE does. > > > > I am not aware of a solution for that. > > > > Do you have any ideas ? > > > > -Matthias > > > > On Nov 28, 2007 10:48 AM, Goerss, Jan wrote: > > > >> > >> > >> Hello all, > >> > >> > >> > >> we noticed that MyFaces Trinidad is changing the PPR mechanism towards real > >> AJAX and the XmlHttpRequest object. > >> > >> > >> > >> We are using Trinidad is the finance sector. There it is normal that the > >> clients use the Internet Explorer with deactivated ActiveX. > >> > >> Furthermore they use not the newest browsers, so we although need to support > >> at least IE 5.5+. > >> > >> > >> > >> At the beginning of our project we decide to take Trinidad because of it's > >> IFrame-PPR solution. > >> > >> > >> > >> It seems as if it is not possible to choose between the two modes: PPR or > >> AJAX. > >> > >> > >> > >> Will this remain? If so why? Otherwise, we think that a lot of Trinidad > >> library users will encounter problems with their clientsJ > >> > >> > >> > >> Thanks in advance, > >> > >> Jan > >> > >> > >> > >> > >> > >> > >> > > > > > > > > > > -- Matthias Wessendorf further stuff: blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf mail: matzew-at-apache-dot-org