openstack team mailing list archive

[Nick Lothian <nick.lothian@xxxxxxxxx>]

JSONP has been used for years - for example Solr has supported it since
2008 (and possibly earlier). CORS matches the Openstack APIs better though.

Redirects are unrelated to the problem as far as I can see.

I think that toolmakers trying to build Javascript tools that connect to
multiple service providers is a completely valid use case. It is supported
for pretty much any other language, why not Javascript?
On Apr 25, 2012 12:33 PM, "Jan Drake" <jan_drake@xxxxxxxxxxx> wrote:

> So, why such a focus on this?  IMO both JSONP and CORS are way too early
> stage to adopt and the security risks outweigh the rewards.  Usually, I see
> people doing this to enable mashups across separate providers.
>
> Just curious why the focus/need is perceived in the community?  If this is
> really because of redirects then we probably have a broken model and/or
> improper distribution of responsibilities.
>
> Love to know if I'm missing a real use case.  Can help fix model if it is
> broken.  Have much experience in this area.
>
> IMO no solution should trick the browser.
>
>
> Jan
>
>
>
> On Apr 24, 2012, at 7:05 PM, Luis Gervaso <luis@xxxxxxxxx> wrote:
>
> The solution until the webservice deliver that headers is:
>
> Solution 1:
>
> 1. Put the webservice behind a remote or local proxy
> 2. Apply some a filter (decorator) for each response with the CORS headers
> (in the proxy) in order to trick the browser
>
> Solution 2:
>
> Some time ago I tested it with Chrome (disabling security) and it worked
> for me
>
> Solution 3 (really dirty, but works):
>
> Embedded Flash Proxy
>
>
> On Wed, Apr 25, 2012 at 3:09 AM, Nick Lothian <nick.lothian@xxxxxxxxx>wrote:
>
>> Yes, this will work if I know in advance what server I will be connecting
>> too.
>>
>> However, it does remove the ability to support any cloud without
>> intervention on the serverside.
>> On Apr 25, 2012 2:46 AM, "Joel Semar" <semarjt@xxxxxxxxx> wrote:
>>
>>> Nick,
>>>
>>> I know you said 'serverless clients' but you have to be serving the js
>>> from somewhere right?
>>>
>>> If you are using nginx it can be as simple as:
>>>
>>> location /nova/ {
>>>    proxy_pass: http://nova-api.trystack.org;
>>> }
>>>
>>> then you can POST to yourserver/nova/v.02/.  from the browser
>>>
>>> etc.
>>> (it's just about as simple on apache but you'd have to look it up)
>>>
>>>
>>> But then i guess this won't work for you if you are writing
>>> some distributable component/plugin/library.
>>>
>>> (sorry if you've already dismissed this option but i thought it worth a
>>> shot since it has worked flawlessly for me in the past)
>>>
>>>
>>>
>>> On Tue, Apr 24, 2012 at 9:49 AM, Sandy Walsh <sandy.walsh@xxxxxxxxxxxxx>wrote:
>>>
>>>>
>>>>
>>>> On 04/24/2012 11:19 AM, Nick Lothian wrote:
>>>> > JSONP is great, but won't work with POST requests.
>>>>
>>>> Hmm, good point.
>>>>
>>>> > I don't quite understand what "Due to the redirect nature of the auth
>>>> > system" means, though.
>>>> >
>>>> > If I use a custom Webkit browser & allow cross domain XMLHttpRequests
>>>> it
>>>> > works fine - I do a POST to /v2.0/tokens, get the token and then use
>>>> > that. What am I missing?
>>>>
>>>> The Auth system will give you a token and then a new "management" url
>>>> where the actual commands are issued (the real Nova API endpoint). These
>>>> are often two different systems (domains), so cross-site requests are
>>>> mandatory.
>>>>
>>>> -S
>>>>
>>>>
>>>>
>>>> > Nick
>>>> >
>>>> > On Tue, Apr 24, 2012 at 8:57 PM, Sandy Walsh <
>>>> sandy.walsh@xxxxxxxxxxxxx
>>>> > <mailto:sandy.walsh@xxxxxxxxxxxxx>> wrote:
>>>> >
>>>> >     Due to the redirect nature of the auth system we may need JSONP
>>>> support
>>>> >     for this to work.
>>>> >
>>>> >
>>>> >
>>>> >     _______________________________________________
>>>> >     Mailing list: https://launchpad.net/~openstack
>>>> >     Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>>> >     <mailto:openstack@xxxxxxxxxxxxxxxxxxx>
>>>> >     Unsubscribe : https://launchpad.net/~openstack
>>>> >     More help   : https://help.launchpad.net/ListHelp
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > Mailing list: https://launchpad.net/~openstack
>>>> > Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>>> > Unsubscribe : https://launchpad.net/~openstack
>>>> > More help   : https://help.launchpad.net/ListHelp
>>>>
>>>> _______________________________________________
>>>> Mailing list: https://launchpad.net/~openstack
>>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>>> Unsubscribe : https://launchpad.net/~openstack
>>>> More help   : https://help.launchpad.net/ListHelp
>>>>
>>>
>>>
>>>
>>> --
>>> Cheers,
>>>
>>> Joel
>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>>
>>
>
>
> --
> -------------------------------------------
> Luis Alberto Gervaso Martin
> Woorea Solutions, S.L
> CEO & CTO
> mobile: (+34) 627983344
> luis@ <luis.gervaso@xxxxxxxxx>woorea.es
>
>  _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>