Permalink
Browse files

Problem description + TODO.

  • Loading branch information...
1 parent 626187b commit 266e3a64d552e5a2c04383139f81f891461dd388 @grimen committed Oct 19, 2011
Showing with 29 additions and 3 deletions.
  1. +9 −0 README.textile
  2. +16 −2 TODO
  3. +4 −1 spec/rack-iframe_spec.rb
View
@@ -2,6 +2,15 @@ h1. RACK-IFRAME "!https://secure.travis-ci.org/merchii/rack-iframe.png!":http://
_Rack middleware for enabling problematic web browsers (Internet Explorer and Safari) to use same cookies in iframes as in parent windows._
+h2. Background
+
+Best described via:
+
+* "http://tempe.st/tag/ruby-on-rails":http://tempe.st/tag/ruby-on-rails
+* "http://groups.google.com/group/rack-devel/browse_thread/thread/11da5971522b107b":http://groups.google.com/group/rack-devel/browse_thread/thread/11da5971522b107b
+* "http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy":http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy
+* "http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari":http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari
+
h2. Installation
Add to your @Gemfile@:
View
@@ -1,3 +1,17 @@
-== TODO
-- [rafactor/enhancement]: Use 'useragent' gem to parse 'USER_AGENT'-header - https://rubygems.org/gems/useragent
+
+== HIGH-PRIO
+
+- [feature/issue]: Handle case where HTTP cache headers makes web servers strip P3P tag (based on W3C spec).
+
+- [feature/issue]: handle case where IE-browsers deletes the cookie if status is 302 (potentially the solution on above squashes this too).
+
+
+== LOW-PRIO
+
+- [refactor/enhancement]: Use 'useragent' gem to parse 'USER_AGENT'-header - https://rubygems.org/gems/useragent
+
+
+== MAYBE
+
+- [feature]: Optionally silently/evily inject "the cross-domain iframe JavaScript hack" for Safari - or specified user agents - into the body response. >:)
@@ -3,7 +3,10 @@
require 'time'
# == References:
-# - http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy/
+# - http://tempe.st/tag/ruby-on-rails
+# - http://groups.google.com/group/rack-devel/browse_thread/thread/11da5971522b107b
+# - http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy
+# - http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari
describe Rack::Iframe do

0 comments on commit 266e3a6

Please sign in to comment.