[OSM-dev] Usage of the standard dev server
Tom Hughes
tom at compton.nu
Thu Feb 4 14:43:24 UTC 2016
On 03/02/16 21:51, markus schnalke wrote:
>> Adding https is also a bit tricky at the moment I think, but should be
>> possible if/when we switch to letsencrypt.
>
> That would be great and important, because HTTP Basic Authentication
> should not be done unencrypted. In developing an editor, one would want
> to ensure that the API is always called via HTTPS, if HTTP Basic Auth is
> to be used. Testing such an editor is thus not possible with the testing
> API.
If you're developing a new editor you should be using OAuth not HTTP
basic auth.
Tom
--
Tom Hughes (tom at compton.nu)
http://compton.nu/
More information about the dev
mailing list