Posted by deplifer on June 21, 2008 at 11:26pm
Jump to:
| Project: | REST Server |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
The minimum validation as the API_KEY never get's validated, so sending whatever parameter as an api_key will passthru without any problem.
As far as i testet using the sessid parameter does not either work that well using the XML_RPC server either, but using the API_KEY get's validated at least.
Im Attaching an xmlrpc.test vs rest.test, if you test both you will that the xmlrpc get's an access denied, vs the rest which passes just thru.
Also attahcing an simple fix for validating the api key.
| Attachment | Size |
|---|---|
| rest.test.txt | 365 bytes |
| xmlrpc.test.txt | 348 bytes |
Comments
#1
adding the missing file for validating the key.
#2
This might need reconsidering now that we have our own XML Writer.