[Developers] Questions about the login service
David Flanagan
david at davidflanagan.com
Fri Apr 4 18:23:47 UTC 2008
Hi,
Before I start asking too many more questions, I should introduce
myself: I'm the original author of the MQL documentation at
http://www.freebase.com/view/en/documentation, and I'm now working to
bring it up to date. So I'll probably be posting a number of questions
here...
Today, I'm wondering about the login service.
1) I original documented it as POST only, but now it works with GET as
well. Is that stable? Can I document it?
2) In my documentation I do some hand-waving about which of the cookies
returned by login is necessary for services that require login, and I
just say that you have to pass all cookies returned by login to the
services that expect cookies. I'd guess that that is no longer the
case. Is it okay to just pass the metaweb-user cookie? Or is the
metaweb-user-info cookie the correct one?
3) Are there plans to make the login service support https? And if so,
will the mqlwrite and upload services also support https? Otherwise
passwords and cookies (which are almost as good as cookies) are being
passed around as cleartext, which means that there aren't any really
strong guarantees against freebase identity theft.
Thanks!
David Flanagan
More information about the Developers
mailing list