[Zope3-dev] Re: Problems with Moz security
Martijn Pieters
mj@zope.com
Sat, 2 Mar 2002 20:24:34 -0500
On Sat, Mar 02, 2002 at 04:43:53PM -0600, Stephan Richter wrote:
> I was playing with XUL and your nifty XMLRPC components (which I never saw
> working) to create some of the Zope 3 management screens. However, since my
> XUL scripts are served from the Web, security will not allow me to access
> XML-RPC. What do I have to do to make that work? I would really prefer not
> to run/install any local components.
Heh. :) No XPCOM components are accessible to any web loaded XUL content, so
not my XML-RPC client either.. IIRC, there was once a pref (in the
javascript-based preference file) you could switch access to XPCOM from the
web on; dangerous and not very suitable for general distribution of your XUL
views,
There are two ways of solving this; making your package a locla install (not
really that hard), or don't use my XML-RPC component. Use XMLHttpRequest
instead and a DOM based XML-RPC client (doesn't scale as well as my stream
based one, but hey, that is what you can get). For XMLHttpRequest docs, see:
http://www.mozilla.org/xmlextras/
There is a JS library that does just that; the library also works in IE:
http://www.vcdn.org/Public/XMLRPC/
A third option would be to implement SOAP support in Zope3 and use the
forthcoming SOAP support in Mozilla (not yet enabled in any release, I
believe).
--
Martijn Pieters
| Software Engineer mailto:mj@zope.com
| Zope Corporation http://www.zope.com/
| Creators of Zope http://www.zope.org/
---------------------------------------------