Secure Global Desktop 4.31 Administration Guide
> Applets
> The ttawebtop.cgi CGI programSecure Global Desktop 4.31 Administration Guide
> Applets
> The ttawebtop.cgi CGI program
Note The ttawebtop.cgi program can only be used to access the classic functionality of Secure Global Desktop.
When you click on a link for an application, Secure Global Desktop
constructs a special URL containing information necessary to display
and resume the application. The information is specified in a query
string that is passed to the Secure Global Desktop CGI program
ttawebtop.cgi. Secure Global Desktop uses
ttawebtop.cgi to substitute placeholders in the HTML file
containing the emulator applet with values from the query string. For
example, ttawebtop.cgi replaces
%%OBJECTNAME%% in xde.html, by obtaining
the object's TFN
name from the URL.
If you don't use the webtop to run applications, for example you use an HTML form, you need to build the URL yourself.
Use this URL syntax:
http://server/tarantella/cgi-bin/ttawebtop.cgi/document?ob=objname&aw=width&ah=height&ti=title
where:
tarantella/resources/webtops/sco/tta/standard/locale=en-us/xde.html
(or tde.html for a terminal emulator).The following information must be supplied in the query string, if not specifed with applet parameter values.
| Argument | Description |
|---|---|
ob=objname |
The object representing the application you want to run. Use a TFN name for
objname.
You must URL-encode objname, see below for more details. |
aw=width |
The width (in pixels) of the emulator applet. |
ah=height |
The height (in pixels) of the emulator applet. |
ti=title |
The title text for the HTML page in which the emulator displays. Defaults to either "X Emulator" or "Terminal Emulator" if this argument is omitted. |
The URL of the HTML file containing the emulator applet must be
encoded using the valid characters and format specified in RFC1738.
This means characters such as <, >,
" and / are not allowed in the search (query string) section of the URL except in their encoded version. For example:
| use ... | instead of ... |
|---|---|
%20 |
space |
%22 |
" |
%2f |
/ |
%3c |
< |
%3e |
> |
Some other characters, for example & and = have special meaning
in the search section of a URL and, if you do not want them to be interpreted in that
way, you must encode them (for example & becomes %26
and = becomes %3d).
For additional security, for example to prevent cross-site scripting attacks,
ttawebtop.cgi also substitutes the following encoded characters
with their HTML character entities:
| this ... | becomes ... |
|---|---|
%22 |
" |
%26 |
& |
%3c |
< |
%3e |
> |
This prevents scripts encoded %3cSCRIPT%3esome_script_code%3c%2fSCRIPT%3e
from being returned and executed in the html passed back to the client.
http://newyork.indigo-insurance.com/tarantella/cgi-bin/ttawebtop.cgi/tarantella/
resources/webtops/sco/tta/standard/locale=en-us/xde.html?
ob=...%2f_ens%2fo%3dorg%2fcn%3dxterm&aw=640&ah=480&ti=xterm
Displays the application represented by the object .../_ens/o=org/cn=xterm in the sco/tta/standard webtop theme's xde.html file. The size is 640x480, and the title is "xterm".
Copyright © 1997-2007 Sun Microsystems, Inc. All rights reserved.