www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergio Fernández (JIRA) <j...@apache.org>
Subject [jira] [Commented] (INFRA-5938) Anonymous requests to Jira's REST API
Date Tue, 05 Mar 2013 16:09:11 GMT

    [ https://issues.apache.org/jira/browse/INFRA-5938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13593520#comment-13593520
] 

Sergio Fernández commented on INFRA-5938:
-----------------------------------------

The current draft code we are using is now available at http://svn.apache.org/repos/asf/incubator/marmotta/site/trunk/content/resources/js/marmotta.js
                
> Anonymous requests to Jira's REST API
> -------------------------------------
>
>                 Key: INFRA-5938
>                 URL: https://issues.apache.org/jira/browse/INFRA-5938
>             Project: Infrastructure
>          Issue Type: Wish
>      Security Level: public(Regular issues) 
>          Components: JIRA
>            Reporter: Sergio Fernández
>            Priority: Minor
>
> Trying to integrate some stuff from jira in marmotta's webpage, I realized it is not
possible to call the rest api through javascript. Once I discovered CORS is disabled for that
host, I switched to JSONP, but it only works if I have my session open in the same browser,
which most likely is not the case to our target visitors.
> So, would be possible to enable anonymous requests? I checked, and the permissions in
the porject for "Browse Projects"is set to group "Anyone". Maybe, for avoiding abuse of it,
we could allow it only from some safe hosts, marmotta.incubator.apache.orgn and marmotta.staging.apache.org
mainly.
> Thanks!

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message