[Chameleon] Security Question

c p cplists at gmail.com
Tue Feb 22 11:36:42 EST 2005


Eric,

I'm not sure which widget is doing this.. from the method name I'm
guessing it's the JSAPI widget(s)? that causes it.  I'm just learning
Chameleon so I've just been modifying the basic JSAPI sample app
distributed with Chameleon v2.0.   The generated javascript method
which contains the map file definition is:

/**
 * CWCJSAPIWInit
 * called to initialize the JS API widget
 */
function CWCJSAPIWInit()
{
  ....


Corey


On Sat, 19 Feb 2005 07:57:45 -0500, Eric Bridger <eric at gomoos.org> wrote:
> Corey,
> 
> We have depolyed a number of Chameleon applications and I cannot find any display of the connection string in the html source in them.
> Do you have any idea which widget is doing this?
> 
> Eric
> 
> At 11:05 AM 02/19/2005 +0100, Bart van den Eijnden wrote:
> >Hi,
> >
> >one way of working around this would be setting up a Mapserver WMS around
> >your PostGIS data source, and using a WMS client layer in your Chameleon
> >MAP file.
> >
> >But I am sure there will be easier ways/fixes .....
> >
> >Best regards,
> >Bart
> >
> >On Fri, 18 Feb 2005 14:26:02 -0700, c p <cplists at gmail.com> wrote:
> >
> >>Hi again...
> >>
> >>I noticed if I view the source of the generated html & javascript in
> >>my web browser that the layer definitions from my mapfile are embedded
> >>in the javascript including the connection string (including username
> >>and password(!!)) for postgis data sources.
> >>
> >>Is this a known issue?  How does one work around this?
> >>
> >>Thanks,
> >>Corey
> 
>


More information about the Chameleon mailing list