) and the page inside the frame are hosted from the same domain (for example http://www.mycompany.com:8080/servoy-webclient/ss/s/solutionName) there is also no issue.
Servoy Web Clients run in a browser and can be started by accessing a URL on the Servoy Application Server.
<serverUrl>/servoy-webclient |
<serverUrl>/servoy-client/ss/s/mySolutionName |
<serverUrl>/servoy-client/ss/s/mySolutionName/m/myMethodName |
<serverUrl>/servoy-client/ss/s/mySolutionName/a/value |
<serverUrl>/servoy-client/ss/s/mySolutionName/m/myMethodName/a/value |
<serverUrl>/servoy-client/ss/s/mySolutionName/a/value/name1/value1/name2/value2 |
<serverUrl>/servoy-client/ss/s/mySolutionName/m/myMethodName/a/value/name1/value1/name2/value2 |
When running a Servoy Web Client inside an Frame or IFrame (here onwards just called frame) and the domain of the page into which the frame is embedded does not equal the domain from which the Web Client is hosted, there is a possible issue with the ability of storing HTTP Cookies.
Internet Explorer, by default, disallows the storage of Cookies from within frames if the domains of the page hosting the frame and the page inside the frame do not match.
The Servoy Web Client uses HTTP Cookies to save the position and location of dialogs. Also the functions application.setUserProperty(...) and application.getUserProperty(...) utilize Cookies in the Web Client.
If no dialogs are used in the application and User Properties are not used, there is no issue. Also when the page hosting the frame (for example: http://www.mycompany.com/pagewithframes.html) and the page inside the frame are hosted from the same domain (for example http://www.mycompany.com:8080/servoy-webclient/ss/s/solutionName) there is also no issue.
However, if dialogs or User Properties are used and are deemed important and the domains do not match, extra steps are required to make use that the application will function properly.
Option 1: Altering the Security level in Internet Explorer on every client machine
By default the privacy level setting of Internet Explorer is set to Medium. This setting can be found under Tools > Internet Options > Privacy tab.
When the level is set to Medium, third party cookies without a Compact Priviledges Policy will be blocked. By altering the privacy level to the lowest level "Accept All Cookies" the third party Cookies will get accepted. Although this works, it means that in order to be able to use the Solution properly the setting needs to be altered in the browser of all users. It can be that corporate IT departments restrict the user from altering this setting.
Third party Cookies: these are Cookies from a different domain as the domain from the main page displayed in the browser.
Cookies without Compact Privicy Policy: These are Cookies from pages that do not include a so-called P3P header in the HTTP Response
Option 2: Adding a "Compact Privacy Policy" to the Web Client
http://forum.developers.facebook.com/viewtopic.php?pid=204805
... </servlet-mapping> <filter> <filter-name>P3PHeaderFilter</filter-name> <filter-class>com.servoy.extensions.tomcat.filter.P3PHeaderFilter</filter-class> <init-param> <param-name>P3P-value</param-name> <param-value>CP="CAO PSA OUR"</param-value> </init-param> </filter> <filter-mapping> <filter-name>P3PHeaderFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app> |
http://www.alphaworks.ibm.com/tech/p3peditor
http://www.w3.org/P3P/implementations.html