we have a "static", non-wicket CMS website and we want to include a dynamic wicket page/component in one of the static pages. Our idea was to use jQuery's load() method to load the content. And include wickets ajax js files in the header.
This worked more or less. But to make it work, the base-url of the page had to be redirected to the ajax endpoint of the wicket server.
Our latest and best solution is to include the page in an iFrame.
Is there any more elegant way to do this?
We have a similar thing, but we have made it by using the exact opposite of you. We include html fragment of the static content via Wicket and render our component inside.
I think, including (rich dynamic) Wicket content via ajax call, from static page, can break native Wicket power, action flow in statefull pages.
Opposite strategy (from cedric.gatay) seems better.
Related
General Scala-JS page building advice needed. Most of the examples seem to be of the pattern where the main into which your single page application will go is between the tags in a landing page html file. How do you handle the need to insert something in the meta area of the dom? Do I need to render my landing page dynamically from the server to accomplish this? My specific need is to inject a script tag into the meta area of an already defined static html page. I'm using scalajs-react.
Generally you will want a server-rendered "root page" for the SPA. This allows you to dynamically compute proper cache busting file names for your script and stylesheet tags and to easily manage the cache expiration of the root page. Also, for proper html5 push state support you'll want to serve that page at every URL, which is easily done with a server side route.
My application is mixed of wicket and jsp page . In my case i have to call wicket page from servlet with some value in request object . could someone please explain as how to achieve this. Thanks
What do you mean 'call a wicket page'? Do you mean load a wicket page to the user after he performs some action on the servlet-loaded page?
What exactly is your use case for this?
I think it would be better NOT to mix jsp and wicket, but given that you did:
BookmarkablePages provide a way to directly address a wicket page as it has a bookmarkable url (for instance, /home instead of /page?13). We use those to load a certain page with certain request parameters (ie, /student/1234/results shows the resultpage for student 1234).
Also, you could implement some kind of listener service that, based upon a certain call/payload, constructs a wicket page and returns the url for that page but that seems a bit overkill. In most cases I think bookmarkable pages a should suffice.
Have a look at http://wicket.apache.org/apidocs/1.5/org/apache/wicket/protocol/http/WebApplication.html#mountPage(java.lang.String, java.lang.Class)
or
http://wicketinaction.com/2011/07/wicket-1-5-mounting-pages/
I'm basically looking at a security problem between a parent page and an iframe with links to a third party.
I want to send a POST or a GET (doesn't matter which as I can control the other side) to the third party, but not expose any details within it (say a SID or a user token) and have it's HTML content (JS/HTML/Images) loaded into the iframe.
I've looked at server-side redirects, creating a proxy using webclinet/webresponse and am curious to whether there is a good way to do it.
Has anyone ever done this before, or think that the secrity is not possible? Hell, even if I'm barking up the wrong tree on how to solve this.
If anybody has any examples on this it would be greatly appreciated.
Cheers,
Jamie
[Edit] Was thinking I might need to add some more details.
Say I have a parent page: https://mycompany.com/ShowThirdParty.
This has an iframe in it at the moment which will have the content of another component (also owned by me, or another team more specifically)
Basically I'd like to send some credentials to content in the iframe in such a way that the external pages can't read it, the iframe is put into a modal (I've done that) and the iframe has the restricted content with the auhtentication almost seamless and invisible.
I currently have it working as a GET url generated dynamically via JS and then passed into the iframe src parameter, obviously that isn't secure.
I kind of want some kind of server side redirect across a full url, but I don't even think that's possible.
You could try using AJAX and load a PHP script (with any parameters to the script encoded/encrypted) to query the 3rd party page and load the response into the iframe. Not really sure how your code is setup but there should be a way.
It can also be done by POST Method (submit the data to iFrame using POST) as it is HTTPS so the data you send to iFrame is encryped.
I've got some javascript going on on my pages in addition to Wickets use. However, Wicket only loads jquery on pages where it sees that it is needed. Is there any way to make Wicket load jquery on all pages?
I'd hate to include jquery a second time.
Yes. You can include it in your base page so that it is available for all pages:
#Override
public void renderHead(IHeaderResponse response) {
super.renderHead(response);
response.render(JavaScriptHeaderItem.forReference(getApplication().getJavaScriptLibrarySettings()
.getJQueryReference()));
}
Wicket is smart enough to not include the reference multiple times if it is requested elsewhere too.
I'm looking to pass data from a form into an iFrame, but I have a slight problem.
The form page I can edit with no restrictions
The page I send the data to I cannot edit unless its html or JavaScript
The data needs to end up in an iframe within this page, which I can edit with no restrictions
I'm incorporating a search function into a CMS system which is why I cannot edit the iframe's parent page, and why I am using iframes at all.
At the moment the data sends to the parent page but is not picked up within the iframe, I am sending via the POST method.
I got it..
Added and extra page which converted the post data into session data,
if anyone knows a better way i would like to hear it though.
And they are the same domain, but editing the CMS system would have taken ages to look through as its not mainstream or developed by me.
Maybe I'm oversimplifying the problem, but can't you use the "target" attribute of the form tag to post to the Iframe?