Bug #3037

[API] websocket clients should not put API tokens in path or query string

Added by Tom Clegg almost 8 years ago. Updated 11 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
API
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
1.0

Description

Passing the token in an Authorization header (like the http interface) would be ideal. Passing it in a POST parameter would be acceptable.

History

#1 Updated by Tom Clegg almost 8 years ago

  • Target version set to Arvados Future Sprints

#2 Updated by Tom Clegg over 7 years ago

  • Subject changed from websocket clients should not put API tokens in path or query string to [API] websocket clients should not put API tokens in path or query string
  • Description updated (diff)
  • Category set to API
  • Story points changed from 2.0 to 1.0

#3 Updated by Ward Vandewege 11 months ago

  • Target version deleted (Arvados Future Sprints)

Also available in: Atom PDF