Jens,
On Wednesday, December 4, 2013 3:38:27 PM UTC-8, Jens wrote:
-- Appreciate the response. You have confirmed my fears. Your point about using a proxy is interesting. Can you help me understand how that would work. I gave this some thought in the beginning. Its not like GWT-RPC or any other AJAX style invocation from client is exempt from SOP. Then how would the proxy approach really work?
1. GWT client talks to GWT server component using Requestbuilder which has the ability to pass custom headers. This is async
2. What does the server do? Make another http call to the server in the other domain?
Thanks in advance for any details you can provide
Bindu
On Wednesday, December 4, 2013 3:38:27 PM UTC-8, Jens wrote:
JSONP boils down to a <script> tag inserted in your document. Thats why you only have URL parameters.What you need is CORS: http://de.wikipedia.org/wiki/Cross-Origin_Resource_ Sharing If the external server is not configured for CORS and you don't have control of that server then your only option is to use a server on your own domain and let it fetch the REST data for you (kind of a proxy). On your server you can do a normal HTTP request including auth headers.-- J.
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at http://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment