portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Santiago Gala <sg...@hisitech.com>
Subject Re: new WebPagePortlet and cookies
Date Fri, 16 Nov 2001 12:34:54 GMT
En jue, 2001-11-15 a 18:58, Paul Spencer escribió:
> Laura,
> So you are requesting that the cookies retrieved from the Server by the
> WebPagePortlet will be passed, along with the Server's domain
> information [ javax.servlet.http.Cookie.setDomain() ], to the browser?

This issue I have discussed in detail, and it is non trivial.

To have an effective WebPagePortlet, we would need a server side "proxy"
service that would do:

- management of cookies (not to the client browser, but in the client
session in the proxy)
- rewriting of urls so that those in the webpage base pass back through
the server (so that the cookie can be sent back).Esentially, the proxy
would keed a map of "true" url vs "rewritten" ones. This can be tricky,
as URLs can come disguised in javascript, or composed in code.
- caching of getContent() requests when they come from different portlet
actions in the user page, to avoid fake interactions with the server
when the user, for instance, minimises a separate portlet in the same

While using IFRAME solves some of these problems, it does *not* solve
the fact that any interaction in separate portlets in the page spoils
the state of the IFRAME. Hence the need of such a proxy.

This is in addition to all the security issues, which I have not looked
in depth.

The other side of the equation is that it is so damned useful while web
services are not common, that I think a lot of people would like to have
it around.

What do you think? While difficult, I don't think it is not doable.
Using jTidy + some HttpClient library (there are quite) could do.

To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>

View raw message