Home

javascript

Google Wave Security issue with gadgets

Submitted by admin on Fri, 08/07/2009 - 07:09

In one of my previous posts about Google Wave I mentioned a security issue concerning gadgets. I decided to do a little more research on this subject and to do some experiments on some publicly available gadgets.

The issue

Before I get into detail about the issue, you need to know how Google Wave gadgets work. Gadgets are little pieces of html/javascript code that run inside of a wave. The state of a gadget is shared among every participant of the wave. Developers can access variables in this state by executing wave.getState().get(’name_of_variable’). To save or update variables into the state the following function exists. wave.getState().submitDelta({’name_of_variable’: value})

First look on Google Wave (Part 3) : Gadget API

Submitted by admin on Wed, 08/05/2009 - 17:12

This is part 3 of my Google Wave developer sandbox review. Part 1 and part 2 were both an introduction to some wave concepts. In this part we’ll be taking a look at the Google Wave Gadget API by writing a simple rating gadget. If you don’t know what gadgets are or what they do, please read my previous post here.

The gadget

The gadget I have written is supposed to be used when you want wave participants to rate something inside your wave (or the wave itself). You simply add the gadget to your wave, set the title and you’re good to go. I also wanted the gadget to have a settings menu that was only visible by the person who added the gadget to the wave.

Syndicate content