[mashup-dev] WSAS Prominent Network
Interface Re-direction inherited in the Mashup Server
Jonathan Marsh
jonathan at wso2.com
Fri Jun 1 10:29:21 PDT 2007
FWIW, on windows there's an "Automatic Private Address" in the 169.xxx range
so there is usually an IP address even when disconnected.
Jonathan Marsh - http://www.wso2.com - http://auburnmarshes.spaces.live.com
> -----Original Message-----
> From: mashup-dev-bounces at wso2.org [mailto:mashup-dev-bounces at wso2.org]
> On Behalf Of Tyrell Perera
> Sent: Friday, June 01, 2007 9:55 AM
> To: mashup-dev at wso2.org
> Subject: Re: [mashup-dev] WSAS Prominent Network Interface Re-direction
> inherited in the Mashup Server
>
> On Fri, 2007-06-01 at 21:24 +0530, saminda abeyruwan wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi,
> >
> > In WSAS, we are enforcing this due to "Same Origin Policy:
> > Protecting Browser State from Web Privacy Attacks". This has been
> > enforced in Firefox 1.5 onwards.
> >
> > For more info please refer to
> > http://kb.mozillazine.org/Security_Policies
> >
> > Thus, simply, if your machine has assigned an IP, Firefox doesn't
> allow
> > you to fetch data from XMLHttpRequest, if loopback address is used.
>
> I was wondering of a 'possible' scenario (specific to mashup server),
> where a user does not have an assigned IP in his local machine. Does
> firefox allow the use of loopback address then?
>
> A workaround would be to manually set a static IP (and it works). But I
> was wondering whether there is a way to detect this scenario without
> user intervention.
>
> Thanks,
>
> Tyrell
>
>
> >
> > The work around to these problems has been a simple redirection to
> the
> > prominent address.
> >
> > We didn't experience SOP problems in IE6 and IE7. (I'm a Linux guy :)
> ) .
> >
> > Thank you
> >
> > Saminda
> >
> >
> > Tyrell Perera wrote:
> > > Hi all,
> > >
> > > I have noticed that since the Mashup Server is based on WSAS, it
> > > redirects calls to the loopback address, to the prominent interface
> IP.
> > > In other words, a user can not use 127.0.0.1 or localhost to
> connect to
> > > the Mashup server.
> > >
> > > Since we are planning on allowing the users to install the server
> > > locally in their individual machines, is this a vice approach?
> > >
> > > Consider a scenario where a user logs to a corporate network using
> DHCP.
> > > This means his machine will have a dynamically allocated IP while
> on the
> > > network and 'no IP' while disconnected. If this user tries to work
> on
> > > the Mashup server while he is disconnected (i.e.; at home), he
> might not
> > > be able to do so.
> > >
> > > I'm sure there is a valid reason behind the usage of this approach
> in
> > > WSAS. But is it absolutely necessary on the Mashup server?
> > >
> > > Thanks,
> > >
> > > Tyrell
> > >
> > >
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2.2 (GNU/Linux)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFGYEEgYmklbLuW6wYRAkcxAJ9pcOi5+RCRaBBYRszu6CIU2GJIvgCfeVL5
> > 7Nv0ai/4328O3iunZPYqS0c=
> > =u4eD
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Mashup-dev mailing list
> > Mashup-dev at wso2.org
> > http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
>
> --
> Tyrell Perera
> Senior Software Engineer; WSO2, Inc.; http://www.wso2.com/
> email: tyrell at wso2.com; cell: +94 77 302 2505
>
> "Oxygenating the Web Service Platform."
>
>
>
>
> _______________________________________________
> Mashup-dev mailing list
> Mashup-dev at wso2.org
> http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
More information about the Mashup-dev
mailing list