Hi, > I think Javascript is the only language with this particular > same domain restriction, but the general problem of remote client auth > without giving up credentials is, in my opinion, a valid concern we > would want to look into...
Indeed. I have came across the same issue while preparing ideas for the whole rollback/change monitoring complex; this could conceivably be handled by something outside of the normal API but then there would have to be a way for this outside thing to issue API requests "on behalf of" a certain user, and ideally without the user having to give away his password. I'm confident this will be solved (and give us single login for other services along the way). Bye Frederik -- Frederik Ramm ## eMail [EMAIL PROTECTED] ## N49°00'09" E008°23'33" _______________________________________________ dev mailing list [email protected] http://lists.openstreetmap.org/cgi-bin/mailman/listinfo/dev
