Abstract
Although the design goals of the browser were originally not at running applications or at displaying a number of small widgets on a single web page, today many web pages considerably benefit from being able to host small embedded applications as components. While the web is full such applications, they cannot be easily reused because of the same origin policy restrictions that were introduced to protect web content from potentially malicious use. In this paper, we describe a generic design for cross domain embedding of web applications in a fashion that enables loading of applications from different domains as well as communication between the client and server. As the proof-of-concept implementation environment, we use web development framework Vaadin, a Google Web Toolkit based system that uses Java for application development.
Chapter PDF
Similar content being viewed by others
References
O’Reilly, T.: What is Web 2.0: Design Patterns and Business models for the Next Generation of Software. Communications & Strategies (1), 17 (2007)
Mikkonen, T., Taivalsaari, A.: The Mashware Challenge: Bridging the Gap Between Web Development and Software Engineering. In: Proceedings of the FSE/SDP Workshop on the Future of Software Engineering Research (FoSER 2010), Santa Fe, New Mexico, USA, November 7-8 (2010)
Same origin policy, World Wide Web Consortium (W3C), http://www.w3.org/Security/wiki/Same_Origin_Policy
Grönroos, M.: Book of Vaadin (2009) (uniprint)
Perry, B.W.: Google Web Toolkit for Ajax. O’Reilly Short Cuts, pp. 1–5. O’Reilly (2007)
How to make XMLHttpRequest calls to another server in your domain, Ajaxian, http://ajaxian.com/archives/how-to-make-xmlhttprequest-calls-to-another-server-in-your-domain
Cross-Origin Resourced Sharing, World Wide Web Consortium (W3C), http://www.w3.org/TR/cors/
HTTP access control, Mozilla Foundation, https://developer.mozilla.org/En/HTTP_Access_Control
Safari same origin hole, The Spanner, JavaScript and general security blog, http://www.thespanner.co.uk/2007/06/29/safari-same-origin-hole/
Remote JSON – JSONP (December 5, 2005), http://bob.pythonmac.org/archives/2005/12/05/remote-json-jsonp/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lautamäki, J., Mikkonen, T. (2012). Cross-Domain Embedding for Vaadin Applications. In: Harth, A., Koch, N. (eds) Current Trends in Web Engineering. ICWE 2011. Lecture Notes in Computer Science, vol 7059. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27997-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-27997-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27996-6
Online ISBN: 978-3-642-27997-3
eBook Packages: Computer ScienceComputer Science (R0)