Thursday, October 22, 2015

Re: SuperDevMode and same origin policy

Thanks JonL,

I'm aware of CORS headers, but unfortunately this case is different. Currently a WebWorker will not start if it's not in the same origin as the context that wants to start it... According to the spec it should start in a different security context, but that's not yet supported in browsers.

The other idea I came up with was to fetch the worker code with ajax and use it as a blob: URI, but I would have to do the same for all imported scripts, which is not that nice considering the fact that I already have a fallback for the situation when workers are not supported.

On Thursday, October 22, 2015 at 3:34:26 PM UTC+2, JonL wrote:
Greg,

You can create a filter that will set the appropriate headers for things served from the CodeServer with a filter like the one below (from https://spring.io/guides/gs/rest-service-cors/).


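import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

public class SimpleCORSFilter implements Filter {

    // Adds permissive CORS headers to every response, then continues the chain.
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
        chain.doFilter(req, res);
    }

    public void init(FilterConfig filterConfig) {}

    public void destroy() {}
}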


Only use this filter in dev mode though; remove it from the web.xml for production.

On Wednesday, October 21, 2015 at 8:02:56 AM UTC-7, Greg wrote:
Hi

This is an old thread but I have a similar SOP issue:

I have a host page in the root of the webapp: /index.html
I also have a web worker on the public path which ends up in /worker/Name.worker.js

I'm starting the worker using 'new Worker(<absolute url to worker file>);' which is based on GWT.getModuleBaseUrlForStaticFiles();

The problem is that when running in SDM, the public path is hosted from the CodeServer and not from the DevMode server where the host page is located:
http://localhost:9876/<module name>/worker/Name.worker.js

Is there any workaround for this except moving the worker file from the public path to the webapp directory?

Greg

On Monday, March 4, 2013 at 11:22:45 AM UTC+1, Thomas Broyer wrote:


On Monday, March 4, 2013 10:45:35 AM UTC+1, Harold wrote:
Hi Thomas,

Thanks for your answer.

Following your suggestion ( new Image(myImageResource) ), there is no more security error :)

All my textures are loaded but are almost empty. According to WebGLInspector all textures have size 1x1 with a transparent pixel.
It looks like the HTMLImageElement obtained via image.getElement() is not properly filled now.

Any idea about that?

The image then is probably a "clipped image" using a sprited image: the image itself is a 1×1px transparent gif (clear.cache.gif, served from the same origin as the app) and the image is set as its background, with background-position and clip to only show the portion of the sprited image that corresponds to the original image. That makes me think we should add an isComplete() or isSprited() to ImageResource to "optimize" the way we create Image widgets out of ImageResources (which I happen to have already proposed in issue 7403).

Anyway, that explains why the security error has vanished.
So in the meantime, revert to "new Image(myImageResource.getSafeUri())" (no need to use asString(), there's an overload taking a SafeUri argument), but then I bet you'll have the security error back…
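
For the CORS filter quoted earlier in this thread, a variant that answers only an allowlist of origins instead of "*", as an added example that is not code from the thread, from GWT or from the Spring guide. The class name, the `allowedOrigins` init-param and the reduced method list are assumptions for a dev setup that only serves static files.

```java
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/** Dev-only CORS filter: echoes the request Origin only when it is allowlisted. */
public class DevOriginCORSFilter implements Filter {

    private final Set<String> allowedOrigins = new HashSet<String>();

    // Hypothetical init-param "allowedOrigins": comma-separated exact origins
    // (scheme://host:port) of the dev host page, set in web.xml.
    public void init(FilterConfig cfg) {
        String param = cfg.getInitParameter("allowedOrigins");
        if (param == null) return; // nothing configured: no origin is allowed
        for (String o : param.split(",")) {
            if (!o.trim().isEmpty()) allowedOrigins.add(o.trim());
        }
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String origin = request.getHeader("Origin");

        // The response now depends on Origin, so caches must key on it.
        response.addHeader("Vary", "Origin");

        if (origin != null && allowedOrigins.contains(origin)) {
            response.setHeader("Access-Control-Allow-Origin", origin);
            response.setHeader("Access-Control-Allow-Methods", "GET, OPTIONS");
            response.setHeader("Access-Control-Max-Age", "3600");
            response.setHeader("Access-Control-Allow-Headers",
                    "Origin, X-Requested-With, Content-Type, Accept");
        }
        // Answer preflights here; for unlisted origins no CORS headers were
        // set, so the browser refuses the actual cross-origin request.
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())
                && request.getHeader("Access-Control-Request-Method") != null) {
            response.setStatus(HttpServletResponse.SC_NO_CONTENT);
            return;
        }
        chain.doFilter(req, res);
    }

    public void destroy() {}
}
```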
