[tahoe-dev] How to use Caja to solve the same-origin policy hazard (hosting both webapps and untrusted content in Tahoe)
Kevin Reid
kpreid at switchb.org
Sat Jul 30 07:02:19 PDT 2011
On Jul 30, 2011, at 4:50, Greg Troxel wrote:
> In your worldview, are there multiple WUIs? I can see the desire to
> use tahoe as a backing store for a web server, but until there are
> redundant WUIs and the client can select among them - I don't see the
> point compared to just running apache with the content in tahoe. And
> when the client can fail over among them, isn't that almost like having
> the client be a tahoe node?
My proposal says nothing about the number of gateways, and I was largely assuming the default Tahoe model of every user running their own gateway (everybody's localhost:whatever). This is not *just* to support the unhosted-web-app scenario, but also to protect a file-upload-and-download user working through the WUI (which is one of my current two personal use cases for Tahoe).
--
Kevin Reid <http://switchb.org/kpreid/>
More information about the tahoe-dev
mailing list