www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergio Fernández (JIRA) <j...@apache.org>
Subject [jira] [Created] (INFRA-5938) Anonymous requests to Jira's REST API
Date Tue, 05 Mar 2013 13:41:12 GMT
Sergio Fernández created INFRA-5938:
---------------------------------------

             Summary: Anonymous requests to Jira's REST API
                 Key: INFRA-5938
                 URL: https://issues.apache.org/jira/browse/INFRA-5938
             Project: Infrastructure
          Issue Type: Wish
      Security Level: public (Regular issues)
          Components: JIRA
            Reporter: Sergio Fernández
            Priority: Minor


Trying to integrate some stuff from jira in marmotta's webpage, I realized it is not possible
to call the rest api through javascript. Once I discovered CORS is disabled for that host,
I switched to JSONP, but it only works if I have my session open in the same browser, which
most likely is not the case to our target visitors.

So, would be possible to enable anonymous requests? I checked, and the permissions in the
porject for "Browse Projects"is set to group "Anyone". Maybe, for avoiding abuse of it, we
could allow it only from some safe hosts, marmotta.incubator.apache.orgn and marmotta.staging.apache.org
mainly.

Thanks!

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message