Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » Elevate Web Builder Technical Support » Support Forums » Elevate Web Builder General » View Thread |
Messages 11 to 19 of 19 total |
First CD Collector Database Application Demo |
Sun, Jan 29 2012 6:47 PM | Permanent Link |
Fernando Dias Team Elevate | Raul
Yeah, you are right, It must be that. There was a post referencing that problem some time ago, but I pay attention at that time. I'll have to do some reading about these things, my knowledge about web technologies and web development is near to zero -- Fernando Dias [Team Elevate] |
Sun, Jan 29 2012 7:06 PM | Permanent Link |
Jan Ferguson Data Software Solutions, Inc. Team Elevate | I also think you are correct. I forgot about that as well. That would
explain why I can reach it on my development machine but not via my web server. I'm with Fernando in that I still have a lot to learn about web technologies and development. Thanks for the information Raul. -- Jan Raul wrote: > I'm thinking it's the JS same origin policy issue - your web server > serves the JS files which then attempt to access elevate web site > which would not be permitted. > > Raul |
Sun, Jan 29 2012 9:17 PM | Permanent Link |
Raul Team Elevate | We're all in the same boat - most of my web stuff has been server-side with some js sprinkled in for presentation side so it'll be a JS learning curve also (hopefully just some concepts since ewb will generate most of the JS In this case it's a very straightforward case of cross-domain-scripting. We happen to know the request is safe in a sense of accessing some sample data but in reality allowing something like this would open up all kinds of vulnerabilities. Assuming this is allowed i could write a ewb app that accesses the user profile page instead (http://www.elevatesoft.com/user?action=view) and then parse out the login username and password and maybe your order history. Then all i need is another web request and post info to my server and have all the passwords. Similarly if one remains logged in to gmail or yahoom ail again malicious app could parse out your phonebook etc. Raul << I'll have to do some reading about these things, my knowledge about web technologies and web development is near to zero >> |
Mon, Jan 30 2012 4:48 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Jan,
<< I compiled the CD Collector project and made the change to the code that Fernando stated in his post in this thread. However when I run the project on my server I get an error: >> You may not be able to run the project in the IDE due to cross-domain restrictions. You'll basically be trying to load data from www.elevatesoft.com while using localhost for the rest. I've posted a test web server that you can use for running the sample application here in this newsgroup. -- Tim Young Elevate Software www.elevatesoft.com |
Mon, Jan 30 2012 4:48 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Fernando,
<< Now, what's in the server side? Where is the data coming from? >> Duh, I forgot the most important part. I've posted a web server that you can use to serve up DBISAM tables. -- Tim Young Elevate Software www.elevatesoft.com |
Tue, Jan 31 2012 4:53 PM | Permanent Link |
Jan Ferguson Data Software Solutions, Inc. Team Elevate | Thanks Tim. The funny part was that I *could* run the project in the
IDE and it ran with data. It was when I put the project on my internet server that no data came up. I do understand that it is due to cross-domain restrictions. I will look at the test web server as well. -- Jan Tim Young [Elevate Software] wrote: > You may not be able to run the project in the IDE due to cross-domain > restrictions. You'll basically be trying to load data from > www.elevatesoft.com while using localhost for the rest. |
Fri, Feb 3 2012 3:31 AM | Permanent Link |
Richard ENT Technologies | "Tim Young [Elevate Software]" wrote:
>> >>I finally have the first CD Collector demonstration application up on the >>web site here: >> >>http://www.elevatesoft.com/cdcollector/cdcollector.html Hey, have you been in my house looking through my CD collection?.... That looks outstanding. I could never make it look that good, even with JQuery UI. Can we see the server side code, if there is any? |
Fri, Feb 3 2012 4:14 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Richard
Have a look in the demos ng Roy Lambert |
Fri, Feb 3 2012 7:58 AM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Richard,
<< Hey, have you been in my house looking through my CD collection?.... >> Don't tell Roy, he thinks that my taste in music is horrible. << That looks outstanding. I could never make it look that good, even with JQuery UI. >> Thanks. << Can we see the server side code, if there is any? >> There's a test web server with the Delphi code used to serve up the JSON. It's pretty simple stuff, and should be easily portable to any other language. -- Tim Young Elevate Software www.elevatesoft.com |
« Previous Page | Page 2 of 2 | |
Jump to Page: 1 2 |
This web page was last updated on Thursday, October 3, 2024 at 06:23 AM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |