[p2pu-dev] [jsFiddle] Zalun - Thanks for your comment re /show/
Piotr Zalewa
zaloon at gmail.com
Wed Apr 13 17:26:21 UTC 2011
Wouldn't providing a JSONP by server with the jsFiddle's get_username
solve this issue?
On 04/13/11 17:10, Dan Diebolt wrote:
> @Zuzel: I am not suggesting the passing of the actual credentials,
> cookies, session ids or security nonce. What I want to achieve is some
> way to parameterize the embedded content based on some state of the host
> page for two basic reasons:
>
> *First Reason: Convenient Management of Course Roster, Assignments &
> Course Resources*
>
> Let me give you a real example: many course organizers maintain a
> off-line spreadsheet for their class privately or perhaps share a
> spreadsheet / database for viewing or even editing by the course
> participants. Here are a variety of examples representing information
> such as a class roster, assignment urls, assignment completions and
> other info:
>
> *Wordpress Development Course*
> https://spreadsheets.google.com/pub?key=0AtIU11tP1lgFdFhwU2lqXzVoaUtueVl5TWdsTGkwVGc&hl=en&output=html
> <https://spreadsheets.google.com/pub?key=0AtIU11tP1lgFdFhwU2lqXzVoaUtueVl5TWdsTGkwVGc&hl=en&output=html>
>
> *School of WebCraft jQuery Course Group 1 Roster*
> https://www.quickbase.com/db/bfx7sqpm8?a=dbpage&pagename=jQueryGroup1.html
> <https://www.quickbase.com/db/bfx7sqpm8?a=dbpage&pagename=jQueryGroup1.html>
>
> *Edit Grid (Live Editable Spreadsheet)*
> http://p2pu.org/webcraft/node/27443/document/28447
>
> *Google Charts (Form & Report)*
> http://p2pu.org/webcraft/node/27443/document/27520
>
> Without passing any information from the host to
> the embedded spreadsheet / database you cannot distinguish one user from
> another so the embedded content is made view only or if made editable
> subject to being overwritten by accident or otherwise. Yes it is
> security by obscurity no matter how you slice it but large courses can't
> wait a year for a specific feature to be implemented in the
> P2PU platform and there will always be innovative ways to bring new
> content into a P2PU course which might benefit from a way to pass some
> type of parameter such as the user name, course name, section name,
> school name, task name, url resource etc. Nobody is every going to be
> able to build all the requisite content sharing features into the P2PU
> platform as fast as user will come up with new content innovations so
> some type of generic content embedding and simple parameter passing is
> needed. Courses can't wait for generic embed mechanisms such as
> oembed.com <http://oembed.com>, embed.ly <http://embed.ly> to mature and
> settle out.
>
> *Second Reason: Conveniently Build Course Examples & Helper Utilities
> Without Consuming and Waiting for Development *
> *
> *
> The ability to pass some type of parameter from the host page
> to embedded content will allow one miniature external resource to be
> re-used for a variety of purposes.
>
>
>
> _______________________________________________
> p2pu-dev mailing list
> p2pu-dev at lists.p2pu.org
> http://lists.p2pu.org/mailman/listinfo/p2pu-dev
--
blog http://piotr.zalewa.info
fidd http://jsfiddle.net/user/zalun/
twit http://twitter.com/zalun
face http://facebook.com/zaloon
More information about the p2pu-dev
mailing list