[Developers] Questions about the login service
David Flanagan
david at davidflanagan.com
Fri Apr 4 23:39:33 UTC 2008
Tim Kientzle wrote:
> David,
>
> 1. Yes, it does work with GET and yes that is stable. We recommend
> using POST---especially for browser-based applications---but recognize
> that GET is often a great simplification for script authors.
>
> 2. The metaweb-user cookie is currently the only one that must be
> preserved. I do not expect that to ever change.
>
> 3. There are plans to make the login service support https but there
> aren't any immediate plans to support https for other services. We
> will soon start enforcing a limited lifetime (probably on the order of
> days) on cookies so that cookies aren't quite the same as passwords.
> (This lifetime would be enforced at the server, of course.)
>
> Cheers,
>
> Tim Kientzle
>
Thanks, Tim. For #3, will you allow the user logging in to specify a
lifetime for the cookies? If I'm writing a script that is only going to
make one call to mqlwrite, it might be nice to be able to use cookies
that are only valid for a few seconds...
David
More information about the Developers
mailing list