Move AJAX API to /api/ajax/v2

XMLWordPrintable

    • Type: Task
    • Resolution: Done
    • Priority: Minor
    • COmanage Registry 5.3.0 SCU
    • Affects Version/s: COmanage Registry 5.0.0 (Pupal Eclosion)
    • None

      The AJAX API uses the standard REST API v2, but requires CSRF protection enabled whereas CSRF protection explicitly breaks standard usage of the REST API.

      It should be straightforward to expose the REST API at a second endpoint (/api/ajax/v2) but with CSRF protection enabled. This might also allow us to constrain which authentication mechanisms can be used for each API, should that become useful.

            Assignee:
            Ioannis Eythymios Igoumenos
            Reporter:
            Benn Oshrin (internet2.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: