Loading ...
Sorry, an error occurred while loading the content.


Expand Messages
  • Douglas Crockford
    Jul 2, 2007
    • 0 Attachment
      Let's look at some cases.

      Case 1. Pirate.net has a page with an iframe from penzance.org. The
      penzance widget is willing to talk to anything, and so is receptive to
      messages from the pirate page. This looks pretty easy.

      Case 2. Penzance.org has several widgets on the pirate page. Some of
      them come from penzance.org, and some from sister site penifore.com.
      These widgets want to communicate and mashup with confidential
      information, but do not want to allow the pirate page to intercept or
      insert messages.

      Perhaps there are two facets, a public facet that pirate.net is
      allowed to have, and a private one that is only for trusted relationships.

      Then there is a discovery problem. How do the penzance and penifore
      widgets get introduced if pirate.net is not trusted to do the
      introductions? They could do the introduction through their servers,
      but that is really inefficient. Is there a safe way that they can
      discover and introduce each other strictly on the client side?
    • Show all 2 messages in this topic