[Bug 42286] New: API and audience

bugzilla-daemon Tue, 20 Nov 2012 03:15:27 -0800

https://bugzilla.wikimedia.org/show_bug.cgi?id=42286


       Web browser: ---
             Bug #: 42286
           Summary: API and audience
           Product: MediaWiki extensions
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: Unprioritized
         Component: WikidataRepo
        AssignedTo: [email protected]
        ReportedBy: [email protected]
                CC: [email protected],
                    [email protected]
    Classification: Unclassified
   Mobile Platform: ---


The API should enforce audience public for all requests that are GET, not "must
revalidate" and "maxage" or "smaxage". Otherwise the request is private.

To make it somewhat simpler we could say that GET is public and POST is
private, and if "maxage" or "smaxage" is set then it is always public.

The reason for this is caching that may leak information.

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 42286] New: API and audience

Reply via email to