#2 Separate safe/unsafe apis

open
api (3)
5
2007-02-20
2007-02-13
No

If OpenNab is ever going to be used in a "public server" as an alternative to Violet, then we need to able to have "public APIs" (e.g. I want my MAC to be public and anyone may send me an mp3) versus "private APIs" ( I don't want anyone to be able to reboot my buny; only I should be able to do it by using a password)

This is more an Apache configuration issue, but It's harder to do if everyting is invoked as api.php.

So "unsafe" operations should maybe be moved to a different entry point (secured_api.php?)

Discussion

  • Olivier Azeau

    Olivier Azeau - 2007-02-13
    • labels: 937118 --> api
     
  • Herman Kuiper

    Herman Kuiper - 2007-02-20

    Logged In: YES
    user_id=1724168
    Originator: NO

    On a per bunny basis, you can set in the INI file which plugin is allowed to run, and on a higher level, plugins can be enabled/disabled. Also, on a per bunny basis you can set IPs and subnets which are allowed to use opennab.

     
  • Herman Kuiper

    Herman Kuiper - 2007-02-20
    • assigned_to: nobody --> ozuzo
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks