At the least, the doc should be updated to reflect that web2py_component and LOAD won't work under CORS conditions.
On Sunday, December 22, 2013 12:21:22 AM UTC+8, weheh wrote: > > @LightDot: Yah, that's the conclusion I've come to and already begun > implementing. But, something nags at me a little about all SSL all the > time. Seems like it's overkill under certain circumstances. But maybe > that's a good thing in this day and age. > > On Saturday, December 21, 2013 11:33:37 PM UTC+8, LightDot wrote: >> >> You could also programmatically enforce the usage of ssl across the >> entire site. Your ajax call would always be https -> https, making CORS >> redundant... >> >> Regards >> >> On Saturday, December 21, 2013 3:44:51 PM UTC+1, weheh wrote: >>> >>> I am dead in the water trying to make an https ajax call from an http >>> session. CORS is enabled on server. The web2py_component https URL with >>> user_signature=True triggers a False auth.is_logged_in() when, in fact, the >>> user is logged in. Oops, a total show stopper. >>> ... >>> >> -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
