https://bugzilla.wikimedia.org/show_bug.cgi?id=27655
--- Comment #10 from Krinkle <krinklem...@gmail.com> 2011-06-03 07:51:30 UTC --- (In reply to comment #8) > Why was this fixed in reverse order? > > It should have been fixed first in html, then in javascript (which could then > take advantage of the token in the url). I disagree about it being the reversed order. They are two distinct methods using different protocols and different tokens. One is through the API, which scripts and programs use. This is through a POST request with a standard token that can be retrieved from the API. The other is on-wiki through index.php. This is trough a GET request with a stronger token (on-wiki action links can only be GET and thus need a little stronger protection, I'm not sure if that is still the case, but that's the way we did it with patrol and rollback links in index.php, so it makes sense to that here as well). Both are independent and need to be fixed seperately. AFAIK the order doesn't matter. The reason the on-wiki javascript-watch button is using the token already and the html isn't, is because the javascript button is using the API (not index.php), so I adjusted it in advance (since the API watch-module was already done) and the javascript wouldn't be done differently if it were fixed the other way around (ie. index.php first and api.php later) -- In the past many gadgets ajaxified functions by making a ajax-request to the index.php url (which they scrapped from the page) and giving an "OK" message through dom-manipulation by checking the http response code or by digging through the HTML of the response. This isn't very clean and doesn't provide very complete or accurate response to the user, and one could argue whether this is efficient (as it would cause MediaWiki to render an entire page rather than just a simple request with a short JSON response, that is more machine readable and language/wiki independent). Therefor the ajax-watch was switched to using the API a while ago. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
