Closed alansemenov closed 5 months ago
This is due to #5668
We have several options:
allow webapps to call id-provider services.
This sounds logical. Id providers are no ordinary apps and should be always accessible by other apps.
migrate config service to json block
what is this?
what is this?
inject json on a page instead of calling a service. This is how we do it on react4xp https://html.spec.whatwg.org/multipage/scripting.html#data-block
<script id="myJson" type="application/json">
{
name: 'Foo'
}
</script>
the same issue hits sites which are protected by id providers - they won't be able to use idprovider service (if there is any)
We changed id-provider so it does not use service anymore. We cannot remove restriction as it might be already in use and changing it may introduce severe security issues. There are plans to combine services with new API functionality in XP8
With this vhost config
it's impossible to access service located at http://officeleague:8080/app/_/service/com.enonic.xp.app.standardidprovider/config