[Seaside] assistance developing plugin for developing Facebook applications in Seaside

Chris Dawson xrdawson at gmail.com
Thu Jun 26 00:07:35 UTC 2008 

Randal,

I'm finally getting back to writing this code.  If I understand correctly
initialRequest is called only when a new session is created.  I think this
will give me the proper data so that I can retrieve the information I need
from Facebook, but I'd like to implement something that is called on every
request and not only when a new session is created.  The reason for this is
that if a request comes in that has the proper Facebook proxy parameters,
and then some action occurs and the next request looks like a valid Seaside
session but the Facebook proxy parameters are not correct, I'd like the app
to barf before it does any processing.  It is probably unlikely that
communication between the Facebook proxy and my app will be compromised but
I doubt Seaside session urls use some kind of cryptographically secure
mechanism to prevent spoofing so I'd rather be safe than sorry.  Any idea
how I could install a handler in between every request to verify the
Facebook proxy parameters?  I suppose I'd also like advice on what is the
"Seaside way" to barf when I see a failure.

Chris

On Tue, May 6, 2008 at 4:24 PM, Randal L. Schwartz <merlyn at stonehenge.com>
wrote:

> >>>>> "Chris" == Chris Dawson <xrdawson at gmail.com> writes:
>
> Chris> I'd like to write logic to enable this for my Seaside applications.
> Chris> Can someone tell me how I go about overriding the proper classes in
> the
> Chris> request chain to process these variables and then provide accessors
> Chris> within my base classes to the Facebook data?
>
> Your top level component should implement #initialRequest:,
> which will be passed a WARequest object, on which you can call
> things like #at: to get the various params.  See the implementors of
> #initialRequest: for examples (only WABrowser in the core Seaside distro).
>
> From there, you should be able to do the processing as you did in Ruby, and
> once validated, you can set up your components and subcomponents to reply
> appropriately within the session.
>
> --
> Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
> <merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
> See http://methodsandmessages.vox.com/ for Smalltalk and Seaside
> discussion
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/seaside/attachments/20080625/11f8ed86/attachment-0001.htm

More information about the seaside mailing list