https://bugzilla.wikimedia.org/show_bug.cgi?id=30644
--- Comment #11 from Jeroen De Dauw <[email protected]> 2011-09-01 18:13:38 UTC --- Well, in that case I'd also not consider having the param in GET a problem. The difference between the two is just some effort, not real security. I just tried to have such a dynamic hash for the token of an API module, and apparently this is not supported. If it's good enough for the API, why would it not be for some UI? Or am I wrong and can you salt tokens used in the API with some variables? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
