[OSM-dev] The future of Potlatch

Frederik Ramm frederik at remote.org
Thu May 1 21:37:38 BST 2008


> I think Javascript is the only language with this particular
> same domain restriction, but the general problem of remote client auth
> without giving up credentials is, in my opinion, a valid concern we
> would want to look into...   

Indeed. I have came across the same issue while preparing ideas for
the whole rollback/change monitoring complex; this could conceivably
be handled by something outside of the normal API but then there would
have to be a way for this outside thing to issue API requests "on
behalf of" a certain user, and ideally without the user having to give
away his password. I'm confident this will be solved (and give us
single login for other services along the way).


Frederik Ramm  ##  eMail frederik at remote.org  ##  N49°00'09" E008°23'33"

More information about the dev mailing list