adding the missing file for validating the key.

deplifer - June 21, 2008 - 23:26

Project:	REST Server
Version:	5.x-1.x-dev
Component:	Code
Category:	bug report
Priority:	normal
Assigned:	Unassigned
Status:	active

Jump to:

Most recent comment

The minimum validation as the API_KEY never get's validated, so sending whatever parameter as an api_key will passthru without any problem.

As far as i testet using the sessid parameter does not either work that well using the XML_RPC server either, but using the API_KEY get's validated at least.

Im Attaching an xmlrpc.test vs rest.test, if you test both you will that the xmlrpc get's an access denied, vs the rest which passes just thru.

Also attahcing an simple fix for validating the api key.

Attachment	Size
rest.test.txt	365 bytes
xmlrpc.test.txt	348 bytes

» Login or register to post comments

#1

deplifer - June 21, 2008 - 23:27

Title:

API_KEY does not validated.

» adding the missing file for validating the key.

adding the missing file for validating the key.

Login or register to post comments

#2

Rob Loach - March 11, 2009 - 19:55

This might need reconsidering now that we have our own XML Writer.

Login or register to post comments

Drupal is a registered trademark of Dries Buytaert.